VBScript / Datadog API Collection / Get a quick list of security signals
Back to Collection Items
Dim fso, outFile
Set fso = CreateObject("Scripting.FileSystemObject")
'Create a Unicode (utf-16) output text file.
Set outFile = fso.CreateTextFile("output.txt", True, True)
' This example assumes the Chilkat API to have been previously unlocked.
' See Global Unlock Sample for sample code.
' For versions of Chilkat < 10.0.0, use CreateObject("Chilkat_9_5_0.Http")
set http = CreateObject("Chilkat.Http")
' For versions of Chilkat < 10.0.0, use CreateObject("Chilkat_9_5_0.JsonObject")
set queryParams = CreateObject("Chilkat.JsonObject")
success = queryParams.UpdateString("filter[query]","<string>")
success = queryParams.UpdateString("filter[from]","<dateTime>")
success = queryParams.UpdateString("filter[to]","<dateTime>")
success = queryParams.UpdateString("sort","-timestamp")
success = queryParams.UpdateString("page[cursor]","<string>")
success = queryParams.UpdateInt("page[limit]",10)
http.SetRequestHeader "Accept","application/json"
' resp is a Chilkat.HttpResponse
Set resp = http.QuickRequestParams("GET","https://api.app.ddog-gov.com/api/v2/security_monitoring/signals",queryParams)
If (http.LastMethodSuccess = 0) Then
outFile.WriteLine(http.LastErrorText)
WScript.Quit
End If
' For versions of Chilkat < 10.0.0, use CreateObject("Chilkat_9_5_0.StringBuilder")
set sbResponseBody = CreateObject("Chilkat.StringBuilder")
success = resp.GetBodySb(sbResponseBody)
' For versions of Chilkat < 10.0.0, use CreateObject("Chilkat_9_5_0.JsonObject")
set jResp = CreateObject("Chilkat.JsonObject")
success = jResp.LoadSb(sbResponseBody)
jResp.EmitCompact = 0
outFile.WriteLine("Response Body:")
outFile.WriteLine(jResp.Emit())
respStatusCode = resp.StatusCode
outFile.WriteLine("Response Status Code = " & respStatusCode)
If (respStatusCode >= 400) Then
outFile.WriteLine("Response Header:")
outFile.WriteLine(resp.Header)
outFile.WriteLine("Failed.")
WScript.Quit
End If
' Sample JSON response:
' (Sample code for parsing the JSON response is shown below)
' {
' "data": [
' {
' "attributes": {
' "attributes": {
' "laboris6b": {},
' "qui_4_": {},
' "sintcb": {}
' },
' "message": "<string>",
' "tags": [
' "<string>",
' "<string>"
' ],
' "timestamp": "<dateTime>"
' },
' "id": "<string>",
' "type": "signal"
' },
' {
' "attributes": {
' "attributes": {
' "cillumc": {},
' "ut_75": {}
' },
' "message": "<string>",
' "tags": [
' "<string>",
' "<string>"
' ],
' "timestamp": "<dateTime>",
' "sit5": {}
' },
' "id": "<string>",
' "type": "signal"
' }
' ],
' "links": {
' "next": "<string>"
' },
' "meta": {
' "page": {
' "after": "<string>"
' }
' }
' }
' Sample code for parsing the JSON response...
' Use this online tool to generate parsing code from sample JSON: Generate JSON Parsing Code
v_Next = jResp.StringOf("links.next")
After = jResp.StringOf("meta.page.after")
i = 0
count_i = jResp.SizeOfArray("data")
Do While i < count_i
jResp.I = i
Message = jResp.StringOf("data[i].attributes.message")
Timestamp = jResp.StringOf("data[i].attributes.timestamp")
id = jResp.StringOf("data[i].id")
v_type = jResp.StringOf("data[i].type")
j = 0
count_j = jResp.SizeOfArray("data[i].attributes.tags")
Do While j < count_j
jResp.J = j
strVal = jResp.StringOf("data[i].attributes.tags[j]")
j = j + 1
Loop
i = i + 1
Loop
outFile.Close
Curl Command
curl -G -d "filter[query]=%3Cstring%3E"
-d "filter[from]=%3CdateTime%3E"
-d "filter[to]=%3CdateTime%3E"
-d "sort=-timestamp"
-d "page[cursor]=%3Cstring%3E"
-d "page[limit]=10"
-H "Accept: application/json"
https://api.app.ddog-gov.com/api/v2/security_monitoring/signals
Postman Collection Item JSON
{
"name": "Get a quick list of security signals",
"request": {
"method": "GET",
"header": [
{
"key": "Accept",
"value": "application/json"
}
],
"url": {
"raw": "{{baseUrl}}/api/v2/security_monitoring/signals?filter[query]=<string>&filter[from]=<dateTime>&filter[to]=<dateTime>&sort=-timestamp&page[cursor]=<string>&page[limit]=10",
"host": [
"{{baseUrl}}"
],
"path": [
"api",
"v2",
"security_monitoring",
"signals"
],
"query": [
{
"key": "filter[query]",
"value": "<string>",
"description": "The search query for security signals."
},
{
"key": "filter[from]",
"value": "<dateTime>",
"description": "The minimum timestamp for requested security signals."
},
{
"key": "filter[to]",
"value": "<dateTime>",
"description": "The maximum timestamp for requested security signals."
},
{
"key": "sort",
"value": "-timestamp",
"description": "The order of the security signals in results."
},
{
"key": "page[cursor]",
"value": "<string>",
"description": "A list of results using the cursor provided in the previous query."
},
{
"key": "page[limit]",
"value": "10",
"description": "The maximum number of security signals in the response."
}
]
},
"description": "The list endpoint returns security signals that match a search query.\nBoth this endpoint and the POST endpoint can be used interchangeably when listing\nsecurity signals."
},
"response": [
{
"name": "OK",
"originalRequest": {
"method": "GET",
"header": [
{
"key": "Accept",
"value": "application/json"
},
{
"description": "Added as a part of security scheme: apikey",
"key": "DD-API-KEY",
"value": "<API Key>"
}
],
"url": {
"raw": "{{baseUrl}}/api/v2/security_monitoring/signals?filter[query]=<string>&filter[from]=<dateTime>&filter[to]=<dateTime>&sort=-timestamp&page[cursor]=<string>&page[limit]=10",
"host": [
"{{baseUrl}}"
],
"path": [
"api",
"v2",
"security_monitoring",
"signals"
],
"query": [
{
"key": "filter[query]",
"value": "<string>",
"description": "The search query for security signals."
},
{
"key": "filter[from]",
"value": "<dateTime>",
"description": "The minimum timestamp for requested security signals."
},
{
"key": "filter[to]",
"value": "<dateTime>",
"description": "The maximum timestamp for requested security signals."
},
{
"key": "sort",
"value": "-timestamp",
"description": "The order of the security signals in results."
},
{
"key": "page[cursor]",
"value": "<string>",
"description": "A list of results using the cursor provided in the previous query."
},
{
"key": "page[limit]",
"value": "10",
"description": "The maximum number of security signals in the response."
}
]
}
},
"status": "OK",
"code": 200,
"_postman_previewlanguage": "json",
"header": [
{
"key": "Content-Type",
"value": "application/json"
}
],
"cookie": [
],
"body": "{\n \"data\": [\n {\n \"attributes\": {\n \"attributes\": {\n \"laboris6b\": {},\n \"qui_4_\": {},\n \"sintcb\": {}\n },\n \"message\": \"<string>\",\n \"tags\": [\n \"<string>\",\n \"<string>\"\n ],\n \"timestamp\": \"<dateTime>\"\n },\n \"id\": \"<string>\",\n \"type\": \"signal\"\n },\n {\n \"attributes\": {\n \"attributes\": {\n \"cillumc\": {},\n \"ut_75\": {}\n },\n \"message\": \"<string>\",\n \"tags\": [\n \"<string>\",\n \"<string>\"\n ],\n \"timestamp\": \"<dateTime>\",\n \"sit5\": {}\n },\n \"id\": \"<string>\",\n \"type\": \"signal\"\n }\n ],\n \"links\": {\n \"next\": \"<string>\"\n },\n \"meta\": {\n \"page\": {\n \"after\": \"<string>\"\n }\n }\n}"
},
{
"name": "Bad Request",
"originalRequest": {
"method": "GET",
"header": [
{
"key": "Accept",
"value": "application/json"
},
{
"description": "Added as a part of security scheme: apikey",
"key": "DD-API-KEY",
"value": "<API Key>"
}
],
"url": {
"raw": "{{baseUrl}}/api/v2/security_monitoring/signals?filter[query]=<string>&filter[from]=<dateTime>&filter[to]=<dateTime>&sort=-timestamp&page[cursor]=<string>&page[limit]=10",
"host": [
"{{baseUrl}}"
],
"path": [
"api",
"v2",
"security_monitoring",
"signals"
],
"query": [
{
"key": "filter[query]",
"value": "<string>",
"description": "The search query for security signals."
},
{
"key": "filter[from]",
"value": "<dateTime>",
"description": "The minimum timestamp for requested security signals."
},
{
"key": "filter[to]",
"value": "<dateTime>",
"description": "The maximum timestamp for requested security signals."
},
{
"key": "sort",
"value": "-timestamp",
"description": "The order of the security signals in results."
},
{
"key": "page[cursor]",
"value": "<string>",
"description": "A list of results using the cursor provided in the previous query."
},
{
"key": "page[limit]",
"value": "10",
"description": "The maximum number of security signals in the response."
}
]
}
},
"status": "Bad Request",
"code": 400,
"_postman_previewlanguage": "json",
"header": [
{
"key": "Content-Type",
"value": "application/json"
}
],
"cookie": [
],
"body": "{\n \"errors\": [\n \"<string>\",\n \"<string>\"\n ]\n}"
},
{
"name": "Not Authorized",
"originalRequest": {
"method": "GET",
"header": [
{
"key": "Accept",
"value": "application/json"
},
{
"description": "Added as a part of security scheme: apikey",
"key": "DD-API-KEY",
"value": "<API Key>"
}
],
"url": {
"raw": "{{baseUrl}}/api/v2/security_monitoring/signals?filter[query]=<string>&filter[from]=<dateTime>&filter[to]=<dateTime>&sort=-timestamp&page[cursor]=<string>&page[limit]=10",
"host": [
"{{baseUrl}}"
],
"path": [
"api",
"v2",
"security_monitoring",
"signals"
],
"query": [
{
"key": "filter[query]",
"value": "<string>",
"description": "The search query for security signals."
},
{
"key": "filter[from]",
"value": "<dateTime>",
"description": "The minimum timestamp for requested security signals."
},
{
"key": "filter[to]",
"value": "<dateTime>",
"description": "The maximum timestamp for requested security signals."
},
{
"key": "sort",
"value": "-timestamp",
"description": "The order of the security signals in results."
},
{
"key": "page[cursor]",
"value": "<string>",
"description": "A list of results using the cursor provided in the previous query."
},
{
"key": "page[limit]",
"value": "10",
"description": "The maximum number of security signals in the response."
}
]
}
},
"status": "Forbidden",
"code": 403,
"_postman_previewlanguage": "json",
"header": [
{
"key": "Content-Type",
"value": "application/json"
}
],
"cookie": [
],
"body": "{\n \"errors\": [\n \"<string>\",\n \"<string>\"\n ]\n}"
},
{
"name": "Too many requests",
"originalRequest": {
"method": "GET",
"header": [
{
"key": "Accept",
"value": "application/json"
},
{
"description": "Added as a part of security scheme: apikey",
"key": "DD-API-KEY",
"value": "<API Key>"
}
],
"url": {
"raw": "{{baseUrl}}/api/v2/security_monitoring/signals?filter[query]=<string>&filter[from]=<dateTime>&filter[to]=<dateTime>&sort=-timestamp&page[cursor]=<string>&page[limit]=10",
"host": [
"{{baseUrl}}"
],
"path": [
"api",
"v2",
"security_monitoring",
"signals"
],
"query": [
{
"key": "filter[query]",
"value": "<string>",
"description": "The search query for security signals."
},
{
"key": "filter[from]",
"value": "<dateTime>",
"description": "The minimum timestamp for requested security signals."
},
{
"key": "filter[to]",
"value": "<dateTime>",
"description": "The maximum timestamp for requested security signals."
},
{
"key": "sort",
"value": "-timestamp",
"description": "The order of the security signals in results."
},
{
"key": "page[cursor]",
"value": "<string>",
"description": "A list of results using the cursor provided in the previous query."
},
{
"key": "page[limit]",
"value": "10",
"description": "The maximum number of security signals in the response."
}
]
}
},
"status": "Too Many Requests",
"code": 429,
"_postman_previewlanguage": "json",
"header": [
{
"key": "Content-Type",
"value": "application/json"
}
],
"cookie": [
],
"body": "{\n \"errors\": [\n \"<string>\",\n \"<string>\"\n ]\n}"
}
]
}
