Python / Datadog API Collection / Add a security signal to an incident
Back to Collection Items
import sys
import chilkat2
# This example assumes the Chilkat API to have been previously unlocked.
# See Global Unlock Sample for sample code.
http = chilkat2.Http()
# Use this online tool to generate code from sample JSON: Generate Code to Create JSON
# The following JSON is sent in the request body.
# {
# "incident_id": 2066,
# "add_to_signal_timeline": false,
# "version": 19001465
# }
json = chilkat2.JsonObject()
json.UpdateInt("incident_id",2066)
json.UpdateBool("add_to_signal_timeline",False)
json.UpdateInt("version",19001465)
http.SetRequestHeader("Content-Type","application/json")
http.SetRequestHeader("Accept","application/json")
sbRequestBody = chilkat2.StringBuilder()
json.EmitSb(sbRequestBody)
# resp is a CkHttpResponse
resp = http.PTextSb("PATCH","https://api.app.ddog-gov.com/api/v1/security_analytics/signals/:signal_id/add_to_incident",sbRequestBody,"utf-8","application/json",False,False)
if (http.LastMethodSuccess == False):
print(http.LastErrorText)
sys.exit()
sbResponseBody = chilkat2.StringBuilder()
resp.GetBodySb(sbResponseBody)
jResp = chilkat2.JsonObject()
jResp.LoadSb(sbResponseBody)
jResp.EmitCompact = False
print("Response Body:")
print(jResp.Emit())
respStatusCode = resp.StatusCode
print("Response Status Code = " + str(respStatusCode))
if (respStatusCode >= 400):
print("Response Header:")
print(resp.Header)
print("Failed.")
sys.exit()
# Sample JSON response:
# (Sample code for parsing the JSON response is shown below)
# {
# "status": "conse"
# }
# Sample code for parsing the JSON response...
# Use this online tool to generate parsing code from sample JSON: Generate JSON Parsing Code
status = jResp.StringOf("status")
Curl Command
curl -X PATCH
-H "Content-Type: application/json"
-H "Accept: application/json"
-d '{
"incident_id": 2066,
"add_to_signal_timeline": false,
"version": 19001465
}'
https://api.app.ddog-gov.com/api/v1/security_analytics/signals/:signal_id/add_to_incident
Postman Collection Item JSON
{
"name": "Add a security signal to an incident",
"request": {
"method": "PATCH",
"header": [
{
"key": "Content-Type",
"value": "application/json"
},
{
"key": "Accept",
"value": "application/json"
}
],
"body": {
"mode": "raw",
"raw": "{\n \"incident_id\": 2066,\n \"add_to_signal_timeline\": false,\n \"version\": 19001465\n}",
"options": {
"raw": {
"headerFamily": "json",
"language": "json"
}
}
},
"url": {
"raw": "{{baseUrl}}/api/v1/security_analytics/signals/:signal_id/add_to_incident",
"host": [
"{{baseUrl}}"
],
"path": [
"api",
"v1",
"security_analytics",
"signals",
":signal_id",
"add_to_incident"
],
"variable": [
{
"key": "signal_id",
"value": "tempor Ut sed velit"
}
]
},
"description": "Add a security signal to an incident. This makes it possible to search for signals by incident within the signal explorer and to view the signals on the incident timeline."
},
"response": [
{
"name": "OK",
"originalRequest": {
"method": "PATCH",
"header": [
{
"key": "Content-Type",
"value": "application/json"
},
{
"key": "Accept",
"value": "application/json"
},
{
"description": "Added as a part of security scheme: apikey",
"key": "DD-API-KEY",
"value": "<API Key>"
}
],
"body": {
"mode": "raw",
"raw": "{\n \"incident_id\": 2066,\n \"add_to_signal_timeline\": false,\n \"version\": 19001465\n}",
"options": {
"raw": {
"headerFamily": "json",
"language": "json"
}
}
},
"url": {
"raw": "{{baseUrl}}/api/v1/security_analytics/signals/:signal_id/add_to_incident",
"host": [
"{{baseUrl}}"
],
"path": [
"api",
"v1",
"security_analytics",
"signals",
":signal_id",
"add_to_incident"
],
"variable": [
{
"key": "signal_id"
}
]
}
},
"status": "OK",
"code": 200,
"_postman_previewlanguage": "json",
"header": [
{
"key": "Content-Type",
"value": "application/json"
}
],
"cookie": [
],
"body": "{\n \"status\": \"conse\"\n}"
},
{
"name": "Bad Request",
"originalRequest": {
"method": "PATCH",
"header": [
{
"key": "Content-Type",
"value": "application/json"
},
{
"key": "Accept",
"value": "application/json"
},
{
"description": "Added as a part of security scheme: apikey",
"key": "DD-API-KEY",
"value": "<API Key>"
}
],
"body": {
"mode": "raw",
"raw": "{\n \"incident_id\": 2066,\n \"add_to_signal_timeline\": false,\n \"version\": 19001465\n}",
"options": {
"raw": {
"headerFamily": "json",
"language": "json"
}
}
},
"url": {
"raw": "{{baseUrl}}/api/v1/security_analytics/signals/:signal_id/add_to_incident",
"host": [
"{{baseUrl}}"
],
"path": [
"api",
"v1",
"security_analytics",
"signals",
":signal_id",
"add_to_incident"
],
"variable": [
{
"key": "signal_id"
}
]
}
},
"status": "Bad Request",
"code": 400,
"_postman_previewlanguage": "json",
"header": [
{
"key": "Content-Type",
"value": "application/json"
}
],
"cookie": [
],
"body": "{\n \"errors\": [\n \"Bad Request\",\n \"Bad Request\"\n ]\n}"
},
{
"name": "Forbidden",
"originalRequest": {
"method": "PATCH",
"header": [
{
"key": "Content-Type",
"value": "application/json"
},
{
"key": "Accept",
"value": "application/json"
},
{
"description": "Added as a part of security scheme: apikey",
"key": "DD-API-KEY",
"value": "<API Key>"
}
],
"body": {
"mode": "raw",
"raw": "{\n \"incident_id\": 2066,\n \"add_to_signal_timeline\": false,\n \"version\": 19001465\n}",
"options": {
"raw": {
"headerFamily": "json",
"language": "json"
}
}
},
"url": {
"raw": "{{baseUrl}}/api/v1/security_analytics/signals/:signal_id/add_to_incident",
"host": [
"{{baseUrl}}"
],
"path": [
"api",
"v1",
"security_analytics",
"signals",
":signal_id",
"add_to_incident"
],
"variable": [
{
"key": "signal_id"
}
]
}
},
"status": "Forbidden",
"code": 403,
"_postman_previewlanguage": "json",
"header": [
{
"key": "Content-Type",
"value": "application/json"
}
],
"cookie": [
],
"body": "{\n \"errors\": [\n \"Bad Request\",\n \"Bad Request\"\n ]\n}"
},
{
"name": "Not Found",
"originalRequest": {
"method": "PATCH",
"header": [
{
"key": "Content-Type",
"value": "application/json"
},
{
"key": "Accept",
"value": "application/json"
},
{
"description": "Added as a part of security scheme: apikey",
"key": "DD-API-KEY",
"value": "<API Key>"
}
],
"body": {
"mode": "raw",
"raw": "{\n \"incident_id\": 2066,\n \"add_to_signal_timeline\": false,\n \"version\": 19001465\n}",
"options": {
"raw": {
"headerFamily": "json",
"language": "json"
}
}
},
"url": {
"raw": "{{baseUrl}}/api/v1/security_analytics/signals/:signal_id/add_to_incident",
"host": [
"{{baseUrl}}"
],
"path": [
"api",
"v1",
"security_analytics",
"signals",
":signal_id",
"add_to_incident"
],
"variable": [
{
"key": "signal_id"
}
]
}
},
"status": "Not Found",
"code": 404,
"_postman_previewlanguage": "json",
"header": [
{
"key": "Content-Type",
"value": "application/json"
}
],
"cookie": [
],
"body": "{\n \"errors\": [\n \"Bad Request\",\n \"Bad Request\"\n ]\n}"
},
{
"name": "Too many requests",
"originalRequest": {
"method": "PATCH",
"header": [
{
"key": "Content-Type",
"value": "application/json"
},
{
"key": "Accept",
"value": "application/json"
},
{
"description": "Added as a part of security scheme: apikey",
"key": "DD-API-KEY",
"value": "<API Key>"
}
],
"body": {
"mode": "raw",
"raw": "{\n \"incident_id\": 2066,\n \"add_to_signal_timeline\": false,\n \"version\": 19001465\n}",
"options": {
"raw": {
"headerFamily": "json",
"language": "json"
}
}
},
"url": {
"raw": "{{baseUrl}}/api/v1/security_analytics/signals/:signal_id/add_to_incident",
"host": [
"{{baseUrl}}"
],
"path": [
"api",
"v1",
"security_analytics",
"signals",
":signal_id",
"add_to_incident"
],
"variable": [
{
"key": "signal_id"
}
]
}
},
"status": "Too Many Requests",
"code": 429,
"_postman_previewlanguage": "json",
"header": [
{
"key": "Content-Type",
"value": "application/json"
}
],
"cookie": [
],
"body": "{\n \"errors\": [\n \"Bad Request\",\n \"Bad Request\"\n ]\n}"
}
]
}