delphiDll / Datadog API Collection / Change the triage state of a security signal
Back to Collection Items
var
http: HCkHttp;
success: Boolean;
json: HCkJsonObject;
sbRequestBody: HCkStringBuilder;
resp: HCkHttpResponse;
sbResponseBody: HCkStringBuilder;
jResp: HCkJsonObject;
respStatusCode: Integer;
strVal: PWideChar;
Uuid: PWideChar;
Handle: PWideChar;
Icon: PWideChar;
Id: PWideChar;
Name: PWideChar;
State: PWideChar;
Archive_comment: PWideChar;
Archive_comment_timestamp: PWideChar;
Archive_comment_userUuid: PWideChar;
Archive_comment_userHandle: PWideChar;
Archive_comment_userIcon: PWideChar;
Archive_comment_userId: PWideChar;
Archive_comment_userName: PWideChar;
Archive_reason: PWideChar;
State_update_timestamp: PWideChar;
State_update_userUuid: PWideChar;
State_update_userHandle: PWideChar;
State_update_userIcon: PWideChar;
State_update_userId: PWideChar;
State_update_userName: PWideChar;
dataId: PWideChar;
v_Type: PWideChar;
i: Integer;
count_i: Integer;
begin
// This example assumes the Chilkat API to have been previously unlocked.
// See Global Unlock Sample for sample code.
http := CkHttp_Create();
// Use this online tool to generate code from sample JSON: Generate Code to Create JSON
// The following JSON is sent in the request body.
// {
// "data": {
// "attributes": {
// "state": "under_review",
// "archive_comment": "<string>",
// "archive_reason": "none",
// "version": "<long>"
// },
// "id": {
// "description": "The unique ID of the security signal."
// },
// "type": "signal_metadata"
// }
// }
json := CkJsonObject_Create();
CkJsonObject_UpdateString(json,'data.attributes.state','under_review');
CkJsonObject_UpdateString(json,'data.attributes.archive_comment','<string>');
CkJsonObject_UpdateString(json,'data.attributes.archive_reason','none');
CkJsonObject_UpdateString(json,'data.attributes.version','<long>');
CkJsonObject_UpdateString(json,'data.id.description','The unique ID of the security signal.');
CkJsonObject_UpdateString(json,'data.type','signal_metadata');
CkHttp_SetRequestHeader(http,'Content-Type','application/json');
CkHttp_SetRequestHeader(http,'Accept','application/json');
sbRequestBody := CkStringBuilder_Create();
CkJsonObject_EmitSb(json,sbRequestBody);
resp := CkHttp_PTextSb(http,'PATCH','https://api.app.ddog-gov.com/api/v2/security_monitoring/signals/:signal_id/state',sbRequestBody,'utf-8','application/json',False,False);
if (CkHttp_getLastMethodSuccess(http) = False) then
begin
Memo1.Lines.Add(CkHttp__lastErrorText(http));
Exit;
end;
sbResponseBody := CkStringBuilder_Create();
CkHttpResponse_GetBodySb(resp,sbResponseBody);
jResp := CkJsonObject_Create();
CkJsonObject_LoadSb(jResp,sbResponseBody);
CkJsonObject_putEmitCompact(jResp,False);
Memo1.Lines.Add('Response Body:');
Memo1.Lines.Add(CkJsonObject__emit(jResp));
respStatusCode := CkHttpResponse_getStatusCode(resp);
Memo1.Lines.Add('Response Status Code = ' + IntToStr(respStatusCode));
if (respStatusCode >= 400) then
begin
Memo1.Lines.Add('Response Header:');
Memo1.Lines.Add(CkHttpResponse__header(resp));
Memo1.Lines.Add('Failed.');
CkHttpResponse_Dispose(resp);
Exit;
end;
CkHttpResponse_Dispose(resp);
// Sample JSON response:
// (Sample code for parsing the JSON response is shown below)
// {
// "data": {
// "attributes": {
// "assignee": {
// "uuid": "<string>",
// "handle": "<string>",
// "icon": "<string>",
// "id": "<long>",
// "name": "<string>"
// },
// "state": "open",
// "incident_ids": [
// "<long>",
// "<long>"
// ],
// "archive_comment": "<string>",
// "archive_comment_timestamp": "<long>",
// "archive_comment_user": {
// "uuid": "<string>",
// "handle": "<string>",
// "icon": "<string>",
// "id": "<long>",
// "name": "<string>"
// },
// "archive_reason": "other",
// "state_update_timestamp": "<long>",
// "state_update_user": {
// "uuid": "<string>",
// "handle": "<string>",
// "icon": "<string>",
// "id": "<long>",
// "name": "<string>"
// }
// },
// "id": "<string>",
// "type": "signal_metadata"
// }
// }
// Sample code for parsing the JSON response...
// Use this online tool to generate parsing code from sample JSON: Generate JSON Parsing Code
Uuid := CkJsonObject__stringOf(jResp,'data.attributes.assignee.uuid');
Handle := CkJsonObject__stringOf(jResp,'data.attributes.assignee.handle');
Icon := CkJsonObject__stringOf(jResp,'data.attributes.assignee.icon');
Id := CkJsonObject__stringOf(jResp,'data.attributes.assignee.id');
Name := CkJsonObject__stringOf(jResp,'data.attributes.assignee.name');
State := CkJsonObject__stringOf(jResp,'data.attributes.state');
Archive_comment := CkJsonObject__stringOf(jResp,'data.attributes.archive_comment');
Archive_comment_timestamp := CkJsonObject__stringOf(jResp,'data.attributes.archive_comment_timestamp');
Archive_comment_userUuid := CkJsonObject__stringOf(jResp,'data.attributes.archive_comment_user.uuid');
Archive_comment_userHandle := CkJsonObject__stringOf(jResp,'data.attributes.archive_comment_user.handle');
Archive_comment_userIcon := CkJsonObject__stringOf(jResp,'data.attributes.archive_comment_user.icon');
Archive_comment_userId := CkJsonObject__stringOf(jResp,'data.attributes.archive_comment_user.id');
Archive_comment_userName := CkJsonObject__stringOf(jResp,'data.attributes.archive_comment_user.name');
Archive_reason := CkJsonObject__stringOf(jResp,'data.attributes.archive_reason');
State_update_timestamp := CkJsonObject__stringOf(jResp,'data.attributes.state_update_timestamp');
State_update_userUuid := CkJsonObject__stringOf(jResp,'data.attributes.state_update_user.uuid');
State_update_userHandle := CkJsonObject__stringOf(jResp,'data.attributes.state_update_user.handle');
State_update_userIcon := CkJsonObject__stringOf(jResp,'data.attributes.state_update_user.icon');
State_update_userId := CkJsonObject__stringOf(jResp,'data.attributes.state_update_user.id');
State_update_userName := CkJsonObject__stringOf(jResp,'data.attributes.state_update_user.name');
dataId := CkJsonObject__stringOf(jResp,'data.id');
v_Type := CkJsonObject__stringOf(jResp,'data.type');
i := 0;
count_i := CkJsonObject_SizeOfArray(jResp,'data.attributes.incident_ids');
while i < count_i do
begin
CkJsonObject_putI(jResp,i);
strVal := CkJsonObject__stringOf(jResp,'data.attributes.incident_ids[i]');
i := i + 1;
end;
CkHttp_Dispose(http);
CkJsonObject_Dispose(json);
CkStringBuilder_Dispose(sbRequestBody);
CkStringBuilder_Dispose(sbResponseBody);
CkJsonObject_Dispose(jResp);
Curl Command
curl -X PATCH
-H "Content-Type: application/json"
-H "Accept: application/json"
-d '{
"data": {
"attributes": {
"state": "under_review",
"archive_comment": "<string>",
"archive_reason": "none",
"version": "<long>"
},
"id": {
"description": "The unique ID of the security signal."
},
"type": "signal_metadata"
}
}'
https://api.app.ddog-gov.com/api/v2/security_monitoring/signals/:signal_id/state
Postman Collection Item JSON
{
"name": "Change the triage state of a security signal",
"request": {
"method": "PATCH",
"header": [
{
"key": "Content-Type",
"value": "application/json"
},
{
"key": "Accept",
"value": "application/json"
}
],
"body": {
"mode": "raw",
"raw": "{\n \"data\": {\n \"attributes\": {\n \"state\": \"under_review\",\n \"archive_comment\": \"<string>\",\n \"archive_reason\": \"none\",\n \"version\": \"<long>\"\n },\n \"id\": {\n \"description\": \"The unique ID of the security signal.\"\n },\n \"type\": \"signal_metadata\"\n }\n}",
"options": {
"raw": {
"headerFamily": "json",
"language": "json"
}
}
},
"url": {
"raw": "{{baseUrl}}/api/v2/security_monitoring/signals/:signal_id/state",
"host": [
"{{baseUrl}}"
],
"path": [
"api",
"v2",
"security_monitoring",
"signals",
":signal_id",
"state"
],
"variable": [
{
"key": "signal_id",
"value": "<string>"
}
]
},
"description": "Change the triage state of a security signal."
},
"response": [
{
"name": "OK",
"originalRequest": {
"method": "PATCH",
"header": [
{
"key": "Content-Type",
"value": "application/json"
},
{
"key": "Accept",
"value": "application/json"
},
{
"description": "Added as a part of security scheme: apikey",
"key": "DD-API-KEY",
"value": "<API Key>"
}
],
"body": {
"mode": "raw",
"raw": "{\n \"data\": {\n \"attributes\": {\n \"state\": \"under_review\",\n \"archive_comment\": \"<string>\",\n \"archive_reason\": \"none\",\n \"version\": \"<long>\"\n },\n \"id\": {\n \"description\": \"The unique ID of the security signal.\"\n },\n \"type\": \"signal_metadata\"\n }\n}",
"options": {
"raw": {
"headerFamily": "json",
"language": "json"
}
}
},
"url": {
"raw": "{{baseUrl}}/api/v2/security_monitoring/signals/:signal_id/state",
"host": [
"{{baseUrl}}"
],
"path": [
"api",
"v2",
"security_monitoring",
"signals",
":signal_id",
"state"
],
"variable": [
{
"key": "signal_id"
}
]
}
},
"status": "OK",
"code": 200,
"_postman_previewlanguage": "json",
"header": [
{
"key": "Content-Type",
"value": "application/json"
}
],
"cookie": [
],
"body": "{\n \"data\": {\n \"attributes\": {\n \"assignee\": {\n \"uuid\": \"<string>\",\n \"handle\": \"<string>\",\n \"icon\": \"<string>\",\n \"id\": \"<long>\",\n \"name\": \"<string>\"\n },\n \"state\": \"open\",\n \"incident_ids\": [\n \"<long>\",\n \"<long>\"\n ],\n \"archive_comment\": \"<string>\",\n \"archive_comment_timestamp\": \"<long>\",\n \"archive_comment_user\": {\n \"uuid\": \"<string>\",\n \"handle\": \"<string>\",\n \"icon\": \"<string>\",\n \"id\": \"<long>\",\n \"name\": \"<string>\"\n },\n \"archive_reason\": \"other\",\n \"state_update_timestamp\": \"<long>\",\n \"state_update_user\": {\n \"uuid\": \"<string>\",\n \"handle\": \"<string>\",\n \"icon\": \"<string>\",\n \"id\": \"<long>\",\n \"name\": \"<string>\"\n }\n },\n \"id\": \"<string>\",\n \"type\": \"signal_metadata\"\n }\n}"
},
{
"name": "Bad Request",
"originalRequest": {
"method": "PATCH",
"header": [
{
"key": "Content-Type",
"value": "application/json"
},
{
"key": "Accept",
"value": "application/json"
},
{
"description": "Added as a part of security scheme: apikey",
"key": "DD-API-KEY",
"value": "<API Key>"
}
],
"body": {
"mode": "raw",
"raw": "{\n \"data\": {\n \"attributes\": {\n \"state\": \"under_review\",\n \"archive_comment\": \"<string>\",\n \"archive_reason\": \"none\",\n \"version\": \"<long>\"\n },\n \"id\": {\n \"description\": \"The unique ID of the security signal.\"\n },\n \"type\": \"signal_metadata\"\n }\n}",
"options": {
"raw": {
"headerFamily": "json",
"language": "json"
}
}
},
"url": {
"raw": "{{baseUrl}}/api/v2/security_monitoring/signals/:signal_id/state",
"host": [
"{{baseUrl}}"
],
"path": [
"api",
"v2",
"security_monitoring",
"signals",
":signal_id",
"state"
],
"variable": [
{
"key": "signal_id"
}
]
}
},
"status": "Bad Request",
"code": 400,
"_postman_previewlanguage": "json",
"header": [
{
"key": "Content-Type",
"value": "application/json"
}
],
"cookie": [
],
"body": "{\n \"errors\": [\n \"<string>\",\n \"<string>\"\n ]\n}"
},
{
"name": "Forbidden",
"originalRequest": {
"method": "PATCH",
"header": [
{
"key": "Content-Type",
"value": "application/json"
},
{
"key": "Accept",
"value": "application/json"
},
{
"description": "Added as a part of security scheme: apikey",
"key": "DD-API-KEY",
"value": "<API Key>"
}
],
"body": {
"mode": "raw",
"raw": "{\n \"data\": {\n \"attributes\": {\n \"state\": \"under_review\",\n \"archive_comment\": \"<string>\",\n \"archive_reason\": \"none\",\n \"version\": \"<long>\"\n },\n \"id\": {\n \"description\": \"The unique ID of the security signal.\"\n },\n \"type\": \"signal_metadata\"\n }\n}",
"options": {
"raw": {
"headerFamily": "json",
"language": "json"
}
}
},
"url": {
"raw": "{{baseUrl}}/api/v2/security_monitoring/signals/:signal_id/state",
"host": [
"{{baseUrl}}"
],
"path": [
"api",
"v2",
"security_monitoring",
"signals",
":signal_id",
"state"
],
"variable": [
{
"key": "signal_id"
}
]
}
},
"status": "Forbidden",
"code": 403,
"_postman_previewlanguage": "json",
"header": [
{
"key": "Content-Type",
"value": "application/json"
}
],
"cookie": [
],
"body": "{\n \"errors\": [\n \"<string>\",\n \"<string>\"\n ]\n}"
},
{
"name": "Not Found",
"originalRequest": {
"method": "PATCH",
"header": [
{
"key": "Content-Type",
"value": "application/json"
},
{
"key": "Accept",
"value": "application/json"
},
{
"description": "Added as a part of security scheme: apikey",
"key": "DD-API-KEY",
"value": "<API Key>"
}
],
"body": {
"mode": "raw",
"raw": "{\n \"data\": {\n \"attributes\": {\n \"state\": \"under_review\",\n \"archive_comment\": \"<string>\",\n \"archive_reason\": \"none\",\n \"version\": \"<long>\"\n },\n \"id\": {\n \"description\": \"The unique ID of the security signal.\"\n },\n \"type\": \"signal_metadata\"\n }\n}",
"options": {
"raw": {
"headerFamily": "json",
"language": "json"
}
}
},
"url": {
"raw": "{{baseUrl}}/api/v2/security_monitoring/signals/:signal_id/state",
"host": [
"{{baseUrl}}"
],
"path": [
"api",
"v2",
"security_monitoring",
"signals",
":signal_id",
"state"
],
"variable": [
{
"key": "signal_id"
}
]
}
},
"status": "Not Found",
"code": 404,
"_postman_previewlanguage": "json",
"header": [
{
"key": "Content-Type",
"value": "application/json"
}
],
"cookie": [
],
"body": "{\n \"errors\": [\n \"<string>\",\n \"<string>\"\n ]\n}"
},
{
"name": "Too many requests",
"originalRequest": {
"method": "PATCH",
"header": [
{
"key": "Content-Type",
"value": "application/json"
},
{
"key": "Accept",
"value": "application/json"
},
{
"description": "Added as a part of security scheme: apikey",
"key": "DD-API-KEY",
"value": "<API Key>"
}
],
"body": {
"mode": "raw",
"raw": "{\n \"data\": {\n \"attributes\": {\n \"state\": \"under_review\",\n \"archive_comment\": \"<string>\",\n \"archive_reason\": \"none\",\n \"version\": \"<long>\"\n },\n \"id\": {\n \"description\": \"The unique ID of the security signal.\"\n },\n \"type\": \"signal_metadata\"\n }\n}",
"options": {
"raw": {
"headerFamily": "json",
"language": "json"
}
}
},
"url": {
"raw": "{{baseUrl}}/api/v2/security_monitoring/signals/:signal_id/state",
"host": [
"{{baseUrl}}"
],
"path": [
"api",
"v2",
"security_monitoring",
"signals",
":signal_id",
"state"
],
"variable": [
{
"key": "signal_id"
}
]
}
},
"status": "Too Many Requests",
"code": 429,
"_postman_previewlanguage": "json",
"header": [
{
"key": "Content-Type",
"value": "application/json"
}
],
"cookie": [
],
"body": "{\n \"errors\": [\n \"<string>\",\n \"<string>\"\n ]\n}"
}
]
}
