Powershell / Datadog API Collection / Add a security signal to an incident
Back to Collection Items
Add-Type -Path "C:\chilkat\ChilkatDotNet47-x64\ChilkatDotNet47.dll"
# This example assumes the Chilkat API to have been previously unlocked.
# See Global Unlock Sample for sample code.
$http = New-Object Chilkat.Http
# Use this online tool to generate code from sample JSON: Generate Code to Create JSON
# The following JSON is sent in the request body.
# {
# "incident_id": 2066,
# "add_to_signal_timeline": false,
# "version": 19001465
# }
$json = New-Object Chilkat.JsonObject
$json.UpdateInt("incident_id",2066)
$json.UpdateBool("add_to_signal_timeline",$false)
$json.UpdateInt("version",19001465)
$http.SetRequestHeader("Content-Type","application/json")
$http.SetRequestHeader("Accept","application/json")
$sbRequestBody = New-Object Chilkat.StringBuilder
$json.EmitSb($sbRequestBody)
$resp = $http.PTextSb("PATCH","https://api.app.ddog-gov.com/api/v1/security_analytics/signals/:signal_id/add_to_incident",$sbRequestBody,"utf-8","application/json",$false,$false)
if ($http.LastMethodSuccess -eq $false) {
$($http.LastErrorText)
exit
}
$sbResponseBody = New-Object Chilkat.StringBuilder
$resp.GetBodySb($sbResponseBody)
$jResp = New-Object Chilkat.JsonObject
$jResp.LoadSb($sbResponseBody)
$jResp.EmitCompact = $false
$("Response Body:")
$($jResp.Emit())
$respStatusCode = $resp.StatusCode
$("Response Status Code = " + $respStatusCode)
if ($respStatusCode -ge 400) {
$("Response Header:")
$($resp.Header)
$("Failed.")
exit
}
# Sample JSON response:
# (Sample code for parsing the JSON response is shown below)
# {
# "status": "conse"
# }
# Sample code for parsing the JSON response...
# Use this online tool to generate parsing code from sample JSON: Generate JSON Parsing Code
$status = $jResp.StringOf("status")
Curl Command
curl -X PATCH
-H "Content-Type: application/json"
-H "Accept: application/json"
-d '{
"incident_id": 2066,
"add_to_signal_timeline": false,
"version": 19001465
}'
https://api.app.ddog-gov.com/api/v1/security_analytics/signals/:signal_id/add_to_incident
Postman Collection Item JSON
{
"name": "Add a security signal to an incident",
"request": {
"method": "PATCH",
"header": [
{
"key": "Content-Type",
"value": "application/json"
},
{
"key": "Accept",
"value": "application/json"
}
],
"body": {
"mode": "raw",
"raw": "{\n \"incident_id\": 2066,\n \"add_to_signal_timeline\": false,\n \"version\": 19001465\n}",
"options": {
"raw": {
"headerFamily": "json",
"language": "json"
}
}
},
"url": {
"raw": "{{baseUrl}}/api/v1/security_analytics/signals/:signal_id/add_to_incident",
"host": [
"{{baseUrl}}"
],
"path": [
"api",
"v1",
"security_analytics",
"signals",
":signal_id",
"add_to_incident"
],
"variable": [
{
"key": "signal_id",
"value": "tempor Ut sed velit"
}
]
},
"description": "Add a security signal to an incident. This makes it possible to search for signals by incident within the signal explorer and to view the signals on the incident timeline."
},
"response": [
{
"name": "OK",
"originalRequest": {
"method": "PATCH",
"header": [
{
"key": "Content-Type",
"value": "application/json"
},
{
"key": "Accept",
"value": "application/json"
},
{
"description": "Added as a part of security scheme: apikey",
"key": "DD-API-KEY",
"value": "<API Key>"
}
],
"body": {
"mode": "raw",
"raw": "{\n \"incident_id\": 2066,\n \"add_to_signal_timeline\": false,\n \"version\": 19001465\n}",
"options": {
"raw": {
"headerFamily": "json",
"language": "json"
}
}
},
"url": {
"raw": "{{baseUrl}}/api/v1/security_analytics/signals/:signal_id/add_to_incident",
"host": [
"{{baseUrl}}"
],
"path": [
"api",
"v1",
"security_analytics",
"signals",
":signal_id",
"add_to_incident"
],
"variable": [
{
"key": "signal_id"
}
]
}
},
"status": "OK",
"code": 200,
"_postman_previewlanguage": "json",
"header": [
{
"key": "Content-Type",
"value": "application/json"
}
],
"cookie": [
],
"body": "{\n \"status\": \"conse\"\n}"
},
{
"name": "Bad Request",
"originalRequest": {
"method": "PATCH",
"header": [
{
"key": "Content-Type",
"value": "application/json"
},
{
"key": "Accept",
"value": "application/json"
},
{
"description": "Added as a part of security scheme: apikey",
"key": "DD-API-KEY",
"value": "<API Key>"
}
],
"body": {
"mode": "raw",
"raw": "{\n \"incident_id\": 2066,\n \"add_to_signal_timeline\": false,\n \"version\": 19001465\n}",
"options": {
"raw": {
"headerFamily": "json",
"language": "json"
}
}
},
"url": {
"raw": "{{baseUrl}}/api/v1/security_analytics/signals/:signal_id/add_to_incident",
"host": [
"{{baseUrl}}"
],
"path": [
"api",
"v1",
"security_analytics",
"signals",
":signal_id",
"add_to_incident"
],
"variable": [
{
"key": "signal_id"
}
]
}
},
"status": "Bad Request",
"code": 400,
"_postman_previewlanguage": "json",
"header": [
{
"key": "Content-Type",
"value": "application/json"
}
],
"cookie": [
],
"body": "{\n \"errors\": [\n \"Bad Request\",\n \"Bad Request\"\n ]\n}"
},
{
"name": "Forbidden",
"originalRequest": {
"method": "PATCH",
"header": [
{
"key": "Content-Type",
"value": "application/json"
},
{
"key": "Accept",
"value": "application/json"
},
{
"description": "Added as a part of security scheme: apikey",
"key": "DD-API-KEY",
"value": "<API Key>"
}
],
"body": {
"mode": "raw",
"raw": "{\n \"incident_id\": 2066,\n \"add_to_signal_timeline\": false,\n \"version\": 19001465\n}",
"options": {
"raw": {
"headerFamily": "json",
"language": "json"
}
}
},
"url": {
"raw": "{{baseUrl}}/api/v1/security_analytics/signals/:signal_id/add_to_incident",
"host": [
"{{baseUrl}}"
],
"path": [
"api",
"v1",
"security_analytics",
"signals",
":signal_id",
"add_to_incident"
],
"variable": [
{
"key": "signal_id"
}
]
}
},
"status": "Forbidden",
"code": 403,
"_postman_previewlanguage": "json",
"header": [
{
"key": "Content-Type",
"value": "application/json"
}
],
"cookie": [
],
"body": "{\n \"errors\": [\n \"Bad Request\",\n \"Bad Request\"\n ]\n}"
},
{
"name": "Not Found",
"originalRequest": {
"method": "PATCH",
"header": [
{
"key": "Content-Type",
"value": "application/json"
},
{
"key": "Accept",
"value": "application/json"
},
{
"description": "Added as a part of security scheme: apikey",
"key": "DD-API-KEY",
"value": "<API Key>"
}
],
"body": {
"mode": "raw",
"raw": "{\n \"incident_id\": 2066,\n \"add_to_signal_timeline\": false,\n \"version\": 19001465\n}",
"options": {
"raw": {
"headerFamily": "json",
"language": "json"
}
}
},
"url": {
"raw": "{{baseUrl}}/api/v1/security_analytics/signals/:signal_id/add_to_incident",
"host": [
"{{baseUrl}}"
],
"path": [
"api",
"v1",
"security_analytics",
"signals",
":signal_id",
"add_to_incident"
],
"variable": [
{
"key": "signal_id"
}
]
}
},
"status": "Not Found",
"code": 404,
"_postman_previewlanguage": "json",
"header": [
{
"key": "Content-Type",
"value": "application/json"
}
],
"cookie": [
],
"body": "{\n \"errors\": [\n \"Bad Request\",\n \"Bad Request\"\n ]\n}"
},
{
"name": "Too many requests",
"originalRequest": {
"method": "PATCH",
"header": [
{
"key": "Content-Type",
"value": "application/json"
},
{
"key": "Accept",
"value": "application/json"
},
{
"description": "Added as a part of security scheme: apikey",
"key": "DD-API-KEY",
"value": "<API Key>"
}
],
"body": {
"mode": "raw",
"raw": "{\n \"incident_id\": 2066,\n \"add_to_signal_timeline\": false,\n \"version\": 19001465\n}",
"options": {
"raw": {
"headerFamily": "json",
"language": "json"
}
}
},
"url": {
"raw": "{{baseUrl}}/api/v1/security_analytics/signals/:signal_id/add_to_incident",
"host": [
"{{baseUrl}}"
],
"path": [
"api",
"v1",
"security_analytics",
"signals",
":signal_id",
"add_to_incident"
],
"variable": [
{
"key": "signal_id"
}
]
}
},
"status": "Too Many Requests",
"code": 429,
"_postman_previewlanguage": "json",
"header": [
{
"key": "Content-Type",
"value": "application/json"
}
],
"cookie": [
],
"body": "{\n \"errors\": [\n \"Bad Request\",\n \"Bad Request\"\n ]\n}"
}
]
}
