Qodex.ai

Get a list of security signals

POST {{baseUrl}}/api/v2/security_monitoring/signals/search

Returns security signals that match a search query. Both this endpoint and the GET endpoint can be used interchangeably for listing security signals.

Request Body

{"filter"=>{"from"=>"2019-01-02T09:42:36.320Z", "query"=>"security:attack status:high", "to"=>"2019-01-03T09:42:36.320Z"}, "page"=>{"cursor"=>"eyJzdGFydEF0IjoiQVFBQUFYS2tMS3pPbm40NGV3QUFBQUJCV0V0clRFdDZVbG8zY3pCRmNsbHJiVmxDWlEifQ==", "limit"=>25}, "sort"=>"-timestamp"}

HEADERS

KeyDatatypeRequiredDescription
Content-Typestring
Acceptstring

RESPONSES

status: OK

{"data":[{"attributes":{"custom":{"workflow":{"first_seen":"2020-06-23T14:46:01.000Z","last_seen":"2020-06-23T14:46:49.000Z","rule":{"name":"Brute Force Attack Grouped By User ","version":12}}},"message":"Detect Account Take Over (ATO) through brute force attempts","tags":["security:attack","technique:T1110-brute-force"],"timestamp":"2019-01-02T09:42:36.320Z","essed":{},"Duis_4_1":{}},"id":"AAAAAWgN8Xwgr1vKDQAAAABBV2dOOFh3ZzZobm1mWXJFYTR0OA","type":"signal"},{"attributes":{"custom":{"workflow":{"first_seen":"2020-06-23T14:46:01.000Z","last_seen":"2020-06-23T14:46:49.000Z","rule":{"name":"Brute Force Attack Grouped By User ","version":12}}},"message":"Detect Account Take Over (ATO) through brute force attempts","tags":["security:attack","technique:T1110-brute-force"],"timestamp":"2019-01-02T09:42:36.320Z"},"id":"AAAAAWgN8Xwgr1vKDQAAAABBV2dOOFh3ZzZobm1mWXJFYTR0OA","type":"signal"}],"links":{"next":"https://app.datadoghq.com/api/v2/security_monitoring/signals?filter[query]=foo\u0026page[cursor]=eyJzdGFydEF0IjoiQVFBQUFYS2tMS3pPbm40NGV3QUFBQUJCV0V0clRFdDZVbG8zY3pCRmNsbHJiVmxDWlEifQ=="},"meta":{"page":{"after":"eyJzdGFydEF0IjoiQVFBQUFYS2tMS3pPbm40NGV3QUFBQUJCV0V0clRFdDZVbG8zY3pCRmNsbHJiVmxDWlEifQ=="}}}