Chilkat Online Tools

phpAx / Datadog API Collection / Change the triage state of a security signal

Back to Collection Items

<?php

// This example assumes the Chilkat API to have been previously unlocked.
// See Global Unlock Sample for sample code.

// For versions of Chilkat < 10.0.0, use new COM('Chilkat_9_5_0.Chilkat.Http')
$http = new COM("Chilkat.Http");

// Use this online tool to generate code from sample JSON: Generate Code to Create JSON

// The following JSON is sent in the request body.

// {
//   "data": {
//     "attributes": {
//       "state": "under_review",
//       "archive_comment": "<string>",
//       "archive_reason": "none",
//       "version": "<long>"
//     },
//     "id": {
//       "description": "The unique ID of the security signal."
//     },
//     "type": "signal_metadata"
//   }
// }

// For versions of Chilkat < 10.0.0, use new COM('Chilkat_9_5_0.Chilkat.JsonObject')
$json = new COM("Chilkat.JsonObject");
$json->UpdateString('data.attributes.state','under_review');
$json->UpdateString('data.attributes.archive_comment','<string>');
$json->UpdateString('data.attributes.archive_reason','none');
$json->UpdateString('data.attributes.version','<long>');
$json->UpdateString('data.id.description','The unique ID of the security signal.');
$json->UpdateString('data.type','signal_metadata');

$http->SetRequestHeader('Content-Type','application/json');
$http->SetRequestHeader('Accept','application/json');

// For versions of Chilkat < 10.0.0, use new COM('Chilkat_9_5_0.Chilkat.StringBuilder')
$sbRequestBody = new COM("Chilkat.StringBuilder");
$json->EmitSb($sbRequestBody);

// resp is a Chilkat.HttpResponse
$resp = $http->PTextSb('PATCH','https://api.app.ddog-gov.com/api/v2/security_monitoring/signals/:signal_id/state',$sbRequestBody,'utf-8','application/json',0,0);
if ($http->LastMethodSuccess == 0) {
    print $http->LastErrorText . "\n";
    exit;
}

// For versions of Chilkat < 10.0.0, use new COM('Chilkat_9_5_0.Chilkat.StringBuilder')
$sbResponseBody = new COM("Chilkat.StringBuilder");
$resp->GetBodySb($sbResponseBody);

// For versions of Chilkat < 10.0.0, use new COM('Chilkat_9_5_0.Chilkat.JsonObject')
$jResp = new COM("Chilkat.JsonObject");
$jResp->LoadSb($sbResponseBody);
$jResp->EmitCompact = 0;

print 'Response Body:' . "\n";
print $jResp->emit() . "\n";

$respStatusCode = $resp->StatusCode;
print 'Response Status Code = ' . $respStatusCode . "\n";
if ($respStatusCode >= 400) {
    print 'Response Header:' . "\n";
    print $resp->Header . "\n";
    print 'Failed.' . "\n";

    exit;
}

// Sample JSON response:
// (Sample code for parsing the JSON response is shown below)

// {
//   "data": {
//     "attributes": {
//       "assignee": {
//         "uuid": "<string>",
//         "handle": "<string>",
//         "icon": "<string>",
//         "id": "<long>",
//         "name": "<string>"
//       },
//       "state": "open",
//       "incident_ids": [
//         "<long>",
//         "<long>"
//       ],
//       "archive_comment": "<string>",
//       "archive_comment_timestamp": "<long>",
//       "archive_comment_user": {
//         "uuid": "<string>",
//         "handle": "<string>",
//         "icon": "<string>",
//         "id": "<long>",
//         "name": "<string>"
//       },
//       "archive_reason": "other",
//       "state_update_timestamp": "<long>",
//       "state_update_user": {
//         "uuid": "<string>",
//         "handle": "<string>",
//         "icon": "<string>",
//         "id": "<long>",
//         "name": "<string>"
//       }
//     },
//     "id": "<string>",
//     "type": "signal_metadata"
//   }
// }

// Sample code for parsing the JSON response...
// Use this online tool to generate parsing code from sample JSON: Generate JSON Parsing Code

$Uuid = $jResp->stringOf('data.attributes.assignee.uuid');
$Handle = $jResp->stringOf('data.attributes.assignee.handle');
$Icon = $jResp->stringOf('data.attributes.assignee.icon');
$Id = $jResp->stringOf('data.attributes.assignee.id');
$Name = $jResp->stringOf('data.attributes.assignee.name');
$State = $jResp->stringOf('data.attributes.state');
$Archive_comment = $jResp->stringOf('data.attributes.archive_comment');
$Archive_comment_timestamp = $jResp->stringOf('data.attributes.archive_comment_timestamp');
$Archive_comment_userUuid = $jResp->stringOf('data.attributes.archive_comment_user.uuid');
$Archive_comment_userHandle = $jResp->stringOf('data.attributes.archive_comment_user.handle');
$Archive_comment_userIcon = $jResp->stringOf('data.attributes.archive_comment_user.icon');
$Archive_comment_userId = $jResp->stringOf('data.attributes.archive_comment_user.id');
$Archive_comment_userName = $jResp->stringOf('data.attributes.archive_comment_user.name');
$Archive_reason = $jResp->stringOf('data.attributes.archive_reason');
$State_update_timestamp = $jResp->stringOf('data.attributes.state_update_timestamp');
$State_update_userUuid = $jResp->stringOf('data.attributes.state_update_user.uuid');
$State_update_userHandle = $jResp->stringOf('data.attributes.state_update_user.handle');
$State_update_userIcon = $jResp->stringOf('data.attributes.state_update_user.icon');
$State_update_userId = $jResp->stringOf('data.attributes.state_update_user.id');
$State_update_userName = $jResp->stringOf('data.attributes.state_update_user.name');
$dataId = $jResp->stringOf('data.id');
$v_Type = $jResp->stringOf('data.type');
$i = 0;
$count_i = $jResp->SizeOfArray('data.attributes.incident_ids');
while ($i < $count_i) {
    $jResp->I = $i;
    $strVal = $jResp->stringOf('data.attributes.incident_ids[i]');
    $i = $i + 1;
}


?>

Curl Command

curl -X PATCH
	-H "Content-Type: application/json"
	-H "Accept: application/json"
	-d '{
  "data": {
    "attributes": {
      "state": "under_review",
      "archive_comment": "<string>",
      "archive_reason": "none",
      "version": "<long>"
    },
    "id": {
      "description": "The unique ID of the security signal."
    },
    "type": "signal_metadata"
  }
}'
https://api.app.ddog-gov.com/api/v2/security_monitoring/signals/:signal_id/state

Postman Collection Item JSON

{
  "name": "Change the triage state of a security signal",
  "request": {
    "method": "PATCH",
    "header": [
      {
        "key": "Content-Type",
        "value": "application/json"
      },
      {
        "key": "Accept",
        "value": "application/json"
      }
    ],
    "body": {
      "mode": "raw",
      "raw": "{\n  \"data\": {\n    \"attributes\": {\n      \"state\": \"under_review\",\n      \"archive_comment\": \"<string>\",\n      \"archive_reason\": \"none\",\n      \"version\": \"<long>\"\n    },\n    \"id\": {\n      \"description\": \"The unique ID of the security signal.\"\n    },\n    \"type\": \"signal_metadata\"\n  }\n}",
      "options": {
        "raw": {
          "headerFamily": "json",
          "language": "json"
        }
      }
    },
    "url": {
      "raw": "{{baseUrl}}/api/v2/security_monitoring/signals/:signal_id/state",
      "host": [
        "{{baseUrl}}"
      ],
      "path": [
        "api",
        "v2",
        "security_monitoring",
        "signals",
        ":signal_id",
        "state"
      ],
      "variable": [
        {
          "key": "signal_id",
          "value": "<string>"
        }
      ]
    },
    "description": "Change the triage state of a security signal."
  },
  "response": [
    {
      "name": "OK",
      "originalRequest": {
        "method": "PATCH",
        "header": [
          {
            "key": "Content-Type",
            "value": "application/json"
          },
          {
            "key": "Accept",
            "value": "application/json"
          },
          {
            "description": "Added as a part of security scheme: apikey",
            "key": "DD-API-KEY",
            "value": "<API Key>"
          }
        ],
        "body": {
          "mode": "raw",
          "raw": "{\n  \"data\": {\n    \"attributes\": {\n      \"state\": \"under_review\",\n      \"archive_comment\": \"<string>\",\n      \"archive_reason\": \"none\",\n      \"version\": \"<long>\"\n    },\n    \"id\": {\n      \"description\": \"The unique ID of the security signal.\"\n    },\n    \"type\": \"signal_metadata\"\n  }\n}",
          "options": {
            "raw": {
              "headerFamily": "json",
              "language": "json"
            }
          }
        },
        "url": {
          "raw": "{{baseUrl}}/api/v2/security_monitoring/signals/:signal_id/state",
          "host": [
            "{{baseUrl}}"
          ],
          "path": [
            "api",
            "v2",
            "security_monitoring",
            "signals",
            ":signal_id",
            "state"
          ],
          "variable": [
            {
              "key": "signal_id"
            }
          ]
        }
      },
      "status": "OK",
      "code": 200,
      "_postman_previewlanguage": "json",
      "header": [
        {
          "key": "Content-Type",
          "value": "application/json"
        }
      ],
      "cookie": [
      ],
      "body": "{\n  \"data\": {\n    \"attributes\": {\n      \"assignee\": {\n        \"uuid\": \"<string>\",\n        \"handle\": \"<string>\",\n        \"icon\": \"<string>\",\n        \"id\": \"<long>\",\n        \"name\": \"<string>\"\n      },\n      \"state\": \"open\",\n      \"incident_ids\": [\n        \"<long>\",\n        \"<long>\"\n      ],\n      \"archive_comment\": \"<string>\",\n      \"archive_comment_timestamp\": \"<long>\",\n      \"archive_comment_user\": {\n        \"uuid\": \"<string>\",\n        \"handle\": \"<string>\",\n        \"icon\": \"<string>\",\n        \"id\": \"<long>\",\n        \"name\": \"<string>\"\n      },\n      \"archive_reason\": \"other\",\n      \"state_update_timestamp\": \"<long>\",\n      \"state_update_user\": {\n        \"uuid\": \"<string>\",\n        \"handle\": \"<string>\",\n        \"icon\": \"<string>\",\n        \"id\": \"<long>\",\n        \"name\": \"<string>\"\n      }\n    },\n    \"id\": \"<string>\",\n    \"type\": \"signal_metadata\"\n  }\n}"
    },
    {
      "name": "Bad Request",
      "originalRequest": {
        "method": "PATCH",
        "header": [
          {
            "key": "Content-Type",
            "value": "application/json"
          },
          {
            "key": "Accept",
            "value": "application/json"
          },
          {
            "description": "Added as a part of security scheme: apikey",
            "key": "DD-API-KEY",
            "value": "<API Key>"
          }
        ],
        "body": {
          "mode": "raw",
          "raw": "{\n  \"data\": {\n    \"attributes\": {\n      \"state\": \"under_review\",\n      \"archive_comment\": \"<string>\",\n      \"archive_reason\": \"none\",\n      \"version\": \"<long>\"\n    },\n    \"id\": {\n      \"description\": \"The unique ID of the security signal.\"\n    },\n    \"type\": \"signal_metadata\"\n  }\n}",
          "options": {
            "raw": {
              "headerFamily": "json",
              "language": "json"
            }
          }
        },
        "url": {
          "raw": "{{baseUrl}}/api/v2/security_monitoring/signals/:signal_id/state",
          "host": [
            "{{baseUrl}}"
          ],
          "path": [
            "api",
            "v2",
            "security_monitoring",
            "signals",
            ":signal_id",
            "state"
          ],
          "variable": [
            {
              "key": "signal_id"
            }
          ]
        }
      },
      "status": "Bad Request",
      "code": 400,
      "_postman_previewlanguage": "json",
      "header": [
        {
          "key": "Content-Type",
          "value": "application/json"
        }
      ],
      "cookie": [
      ],
      "body": "{\n  \"errors\": [\n    \"<string>\",\n    \"<string>\"\n  ]\n}"
    },
    {
      "name": "Forbidden",
      "originalRequest": {
        "method": "PATCH",
        "header": [
          {
            "key": "Content-Type",
            "value": "application/json"
          },
          {
            "key": "Accept",
            "value": "application/json"
          },
          {
            "description": "Added as a part of security scheme: apikey",
            "key": "DD-API-KEY",
            "value": "<API Key>"
          }
        ],
        "body": {
          "mode": "raw",
          "raw": "{\n  \"data\": {\n    \"attributes\": {\n      \"state\": \"under_review\",\n      \"archive_comment\": \"<string>\",\n      \"archive_reason\": \"none\",\n      \"version\": \"<long>\"\n    },\n    \"id\": {\n      \"description\": \"The unique ID of the security signal.\"\n    },\n    \"type\": \"signal_metadata\"\n  }\n}",
          "options": {
            "raw": {
              "headerFamily": "json",
              "language": "json"
            }
          }
        },
        "url": {
          "raw": "{{baseUrl}}/api/v2/security_monitoring/signals/:signal_id/state",
          "host": [
            "{{baseUrl}}"
          ],
          "path": [
            "api",
            "v2",
            "security_monitoring",
            "signals",
            ":signal_id",
            "state"
          ],
          "variable": [
            {
              "key": "signal_id"
            }
          ]
        }
      },
      "status": "Forbidden",
      "code": 403,
      "_postman_previewlanguage": "json",
      "header": [
        {
          "key": "Content-Type",
          "value": "application/json"
        }
      ],
      "cookie": [
      ],
      "body": "{\n  \"errors\": [\n    \"<string>\",\n    \"<string>\"\n  ]\n}"
    },
    {
      "name": "Not Found",
      "originalRequest": {
        "method": "PATCH",
        "header": [
          {
            "key": "Content-Type",
            "value": "application/json"
          },
          {
            "key": "Accept",
            "value": "application/json"
          },
          {
            "description": "Added as a part of security scheme: apikey",
            "key": "DD-API-KEY",
            "value": "<API Key>"
          }
        ],
        "body": {
          "mode": "raw",
          "raw": "{\n  \"data\": {\n    \"attributes\": {\n      \"state\": \"under_review\",\n      \"archive_comment\": \"<string>\",\n      \"archive_reason\": \"none\",\n      \"version\": \"<long>\"\n    },\n    \"id\": {\n      \"description\": \"The unique ID of the security signal.\"\n    },\n    \"type\": \"signal_metadata\"\n  }\n}",
          "options": {
            "raw": {
              "headerFamily": "json",
              "language": "json"
            }
          }
        },
        "url": {
          "raw": "{{baseUrl}}/api/v2/security_monitoring/signals/:signal_id/state",
          "host": [
            "{{baseUrl}}"
          ],
          "path": [
            "api",
            "v2",
            "security_monitoring",
            "signals",
            ":signal_id",
            "state"
          ],
          "variable": [
            {
              "key": "signal_id"
            }
          ]
        }
      },
      "status": "Not Found",
      "code": 404,
      "_postman_previewlanguage": "json",
      "header": [
        {
          "key": "Content-Type",
          "value": "application/json"
        }
      ],
      "cookie": [
      ],
      "body": "{\n  \"errors\": [\n    \"<string>\",\n    \"<string>\"\n  ]\n}"
    },
    {
      "name": "Too many requests",
      "originalRequest": {
        "method": "PATCH",
        "header": [
          {
            "key": "Content-Type",
            "value": "application/json"
          },
          {
            "key": "Accept",
            "value": "application/json"
          },
          {
            "description": "Added as a part of security scheme: apikey",
            "key": "DD-API-KEY",
            "value": "<API Key>"
          }
        ],
        "body": {
          "mode": "raw",
          "raw": "{\n  \"data\": {\n    \"attributes\": {\n      \"state\": \"under_review\",\n      \"archive_comment\": \"<string>\",\n      \"archive_reason\": \"none\",\n      \"version\": \"<long>\"\n    },\n    \"id\": {\n      \"description\": \"The unique ID of the security signal.\"\n    },\n    \"type\": \"signal_metadata\"\n  }\n}",
          "options": {
            "raw": {
              "headerFamily": "json",
              "language": "json"
            }
          }
        },
        "url": {
          "raw": "{{baseUrl}}/api/v2/security_monitoring/signals/:signal_id/state",
          "host": [
            "{{baseUrl}}"
          ],
          "path": [
            "api",
            "v2",
            "security_monitoring",
            "signals",
            ":signal_id",
            "state"
          ],
          "variable": [
            {
              "key": "signal_id"
            }
          ]
        }
      },
      "status": "Too Many Requests",
      "code": 429,
      "_postman_previewlanguage": "json",
      "header": [
        {
          "key": "Content-Type",
          "value": "application/json"
        }
      ],
      "cookie": [
      ],
      "body": "{\n  \"errors\": [\n    \"<string>\",\n    \"<string>\"\n  ]\n}"
    }
  ]
}