Datadog

Version: 2.1.2

Datadog is the essential monitoring and security platform for cloud applications. It brings together end-to-end traces, metrics, and logs to make your applications, infrastructure, and third-party services entirely observable. These capabilities help businesses secure their systems, avoid downtime, and ensure customers are getting the best user experience.

Connect Datadog with LogicHub

  1. Navigate to Automations > Integrations.
  2. Search for Datadog.
  3. Click Details, then the + icon. Enter the required information in the following fields.
    • Label: Enter a connection name.
    • Reference Values: Define variables here to templatize integration connections and actions. For example, you can use https://www.{{hostname}}.com where, hostname is a variable defined in this input. For more information on how to add data, see 'Add Data' Input Type for Integrations.
    • Verify SSL: Select option to verify connecting server's SSL certificate (Default is Verify SSL Certificate).
    • Remote Agent: Run this integration using the LogicHub Remote Agent.
    • App Key: App Key created in Datadog for this instance.
    • API Key: API key required for authentication to Datadog.
  4. After you've entered all the details, click Connect.

Actions for Datadog

Get Security Signals

Fetches security signals that match a search query.

Input Field

Choose a connection that you have previously created and then fill in the necessary information in the following input fields to complete the connection.

Input NameDescriptionRequired
QueryJinja-templated text containing search query for listing security signals (Default is '*'). Example: host:{{column_name}}Required
SortSort order for the results. (Default is Chronological).Required
LimitLimits the number of rows from the search. (Default is 100000).Required
Start timeJinja-templated, ISO formatted minimum timestamp for requested security signals. Default is execution start time. Example: 2019-09-26T07:58:30.996+02:00.Required
End timeJinja-templated, ISO formatted maximum timestamp for requested security signals. Default is execution end time. Example: 2019-09-26T07:58:30.996+02:00Required

Output

Each row contains a JSON object of a Security Signal.

{
   "attributes":{
      "attributes":{
         "entities":[
            "@network.client.ip:172.17.0.1",
            "host:ubuntu"
         ],
         "groupByPaths":[
            "host"
         ],
         "http":{
            "method":"GET",
            "referer":"-",
            "status_code":200,
            "url_details":{
               "path":"/"
            },
            "useragent_details":{
               "browser":{
                  "family":"curl"
               },
               "device":{
                  "family":"Other"
               },
               "os":{
                  "family":"Other"
               }
            }
         },
         "network":{
            "client":{
               "ip":"172.17.0.1"
            }
         },
         "queries":[
            {
               "groupByPaths":[
                  "host"
               ],
               "query":"@http.status_code:200"
            }
         ],
         "relatedLogsQuery":{
            "from":"2021-02-16T08:05:07.000Z",
            "query":"@http.status_code:200 host:\"ubuntu\"",
            "to":"2021-02-17T08:20:07.000Z"
         },
         "samples":[
            {
               "content":{
                  "custom":{
                     "date_access":1613463607000,
                     "http":{
                        "method":"GET",
                        "referer":"-",
                        "status_category":"OK",
                        "status_code":200,
                        "url":"/",
                        "url_details":{
                           "path":"/"
                        },
                        "useragent":"curl/7.68.0",
                        "useragent_details":{
                           "browser":{
                              "family":"curl",
                              "major":"7",
                              "minor":"68",
                              "patch":"0"
                           },
                           "device":{
                              "category":"Other",
                              "family":"Other"
                           },
                           "os":{
                              "family":"Other"
                           }
                        },
                        "version":"1.1"
                     },
                     "network":{
                        "bytes_written":5,
                        "client":{
                           "ip":"172.17.0.1"
                        }
                     }
                  },
                  "host":"ubuntu",
                  "host_id":3881504510,
                  "ingest_size_in_bytes":329,
                  "message":"172.17.0.1 - - [16/Feb/2021:08:20:07 +0000] \"GET / HTTP/1.1\" 200 5 \"-\" \"curl/7.68.0\"",
                  "service":"webapp",
                  "source":"nginx",
                  "status":"ok",
                  "tags":[
                     "docker_image:datadog-ngix:latest",
                     "short_image:datadog-ngix",
                     "source:nginx",
                     "container_name:nginx",
                     "container_id:7c7325c142c880141ec3e31ad4bbfe8ae8815f902ced70635903ebfbdc50a708",
                     "image_tag:latest",
                     "image_name:datadog-ngix",
                     "service:webapp"
                  ],
                  "tiebreaker":-1157172501,
                  "timestamp":"2021-02-16T08:20:07.000Z"
               },
               "eventId":"AQAAAXep7NbYuwby6wAAAABBWGVwN05qNEFBQkZSajBTM25FYmlRQUE",
               "id":"AXep7Nj4AABFRj0S3nEbiQAA",
               "queryIndex":0,
               "trackKey":{
                  "orgId":536355,
                  "type":"logs"
               }
            }
         ],
         "title":"200 - case 2",
         "workflow":{
            "events_matched":1,
            "first_seen":"2021-02-16T08:20:07.000Z",
            "last_seen":"2021-02-16T08:20:07.000Z",
            "rule":{
               "detectionMethod":"threshold",
               "id":"dfn-nuv-z2j",
               "name":"200",
               "type":"Log Detection",
               "version":1
            }
         }
      },
      "host":"ubuntu",
      "message":"%%%\n200\n%%%",
      "service":[
         "webapp"
      ],
      "status":"critical",
      "tags":[
         "source:nginx",
         "docker_image:datadog-ngix:latest",
         "short_image:datadog-ngix",
         "source:nginx",
         "container_name:nginx",
         "container_id:7c7325c142c880141ec3e31ad4bbfe8ae8815f902ced70635903ebfbdc50a708",
         "image_tag:latest",
         "image_name:datadog-ngix",
         "service:webapp"
      ],
      "timestamp":"2021-02-16T08:20:11.188Z"
   },
   "error":null,
   "has_error":false,
   "id":"AQAAAXep7Oc0AAAAAAAAAABkZm4tbnV2LXoyai0xLUFYZXA3Tmo0QUFCRlJqMFMzbkViaVFBQQ",
   "type":"signal"
}

Search Logs

Fetches logs that match a log search query.

Input Field

Choose a connection that you have previously created and then fill in the necessary information in the following input fields to complete the connection.

Input NameDescriptionRequired
QueryJinja-templated text containing search query for listing security signals (Default is '*'). Example: host:{{column_name}}Required
IndexJinja-templated text containing comma separated indices for logs (Default is '*'). Example: {{column_name}}Required
SortSort order for the results. (Default is Chronological).Required
LimitLimits the number of rows from the search. (Default is 100000).Required
Start timeJinja-templated, ISO formatted minimum timestamp for requested security signals. Default is execution start time. Example: 2019-09-26T07:58:30.996+02:00Required
End timeJinja-templated, ISO formatted maximum timestamp for requested security signals. Default is execution end time. Example: 2019-09-26T07:58:30.996+02:00Required

Output

Each row contains a JSON log object.

{
   "attributes":{
      "attributes":{
         "hostname":"fa1e1e739d95"
      },
      "host":"fa1e1e739d95",
      "message":"hello world",
      "status":"info",
      "tags":[
         "source:agent",
         "env:prod",
         "env:prod",
         "user:joe.doe",
         "source:agent"
      ],
      "timestamp":"2021-02-16T02:30:46.022Z"
   },
   "error":null,
   "has_error":false,
   "id":"AQAAAXeorQAGojnJQQAAAABBWGVvclFBR0FBQlN1SEhvQmNsZDhBQUE",
   "type":"log"
}

Create an Incident

Create an incident. This endpoint requires the incident_write authorization scope.

Input Field

Choose a connection that you have previously created and then fill in the necessary information in the following input fields to complete the connection.

Input NameDescriptionRequired
AttributesJinja-templated JSON containing attributes of the incident. Example: '{"title": "Example-title","customer_impacted": false,"fields": {"state": {"type": "dropdown","value": "resolved"}}}'Required
RelationshipsJinja-templated JSON containing relationships of the incident. Example: '{"commander_user": {"data": {"type": "users","id": "29afasdf6-b738-11ed-bb14-6aasdfasdf39"}}}'Optional

Output

JSON containing the following items:

{
   "data":{
      "type":"incidents",
      "id":"e144dd7f-8206-50e8-8c90-b0df0ea2d457",
      "attributes":{
         "public_id":17,
         "title":"testIncident2_IJ",
         "resolved":null,
         "customer_impact_scope":null,
         "customer_impact_start":null,
         "customer_impact_end":null,
         "customer_impacted":false,
         "notification_handles":null,
         "last_modified_by":{
            "data":{
               "type":"users",
               "id":"af292796-b738-11ed-bb14-6a6fc077be39",
               "attributes":{
                  "uuid":"af292796-b738-11ed-bb14-6a6fc077be39",
                  "handle":"[email protected]",
                  "email":"[email protected]",
                  "name":"Sumit yadav",
                  "icon":"https://secure.gravatar.com/avatar/0902013a35e2d0dfd135f189fbc25532?s=48&d=retro"
               }
            }
         },
         "last_modified_by_uuid":null,
         "created":"2023-03-07T09:29:22.997133+00:00",
         "modified":"2023-03-07T09:29:22.997133+00:00",
         "commander":{
            "data":{
               "type":"users",
               "id":"af292796-b738-11ed-bb14-6a6fc077be39",
               "attributes":{
                  "uuid":"af292796-b738-11ed-bb14-6a6fc077be39",
                  "handle":"[email protected]",
                  "email":"[email protected]",
                  "name":"Sumit yadav",
                  "icon":"https://secure.gravatar.com/avatar/0902013a35e2d0dfd135f189fbc25532?s=48&d=retro"
               }
            }
         },
         "detected":"2023-03-07T09:29:22.980725+00:00",
         "created_by":{
            "data":{
               "type":"users",
               "id":"af292796-b738-11ed-bb14-6a6fc077be39",
               "attributes":{
                  "uuid":"af292796-b738-11ed-bb14-6a6fc077be39",
                  "handle":"[email protected]",
                  "email":"[email protected]",
                  "name":"Sumit yadav",
                  "icon":"https://secure.gravatar.com/avatar/0902013a35e2d0dfd135f189fbc25532?s=48&d=retro"
               }
            }
         },
         "created_by_uuid":null,
         "creation_idempotency_key":null,
         "customer_impact_duration":0,
         "time_to_detect":0,
         "time_to_repair":0,
         "time_to_internal_response":0,
         "time_to_resolve":0,
         "fields":{
            "severity":{
               "type":"dropdown",
               "value":"UNKNOWN"
            },
            "state":{
               "type":"dropdown",
               "value":"resolved"
            },
            "detection_method":{
               "type":"dropdown",
               "value":"unknown"
            },
            "root_cause":{
               "type":"textbox",
               "value":null
            },
            "summary":{
               "type":"textbox",
               "value":null
            },
            "services":{
               "type":"autocomplete",
               "value":null
            },
            "teams":{
               "type":"autocomplete",
               "value":null
            }
         },
         "field_analytics":null,
         "severity":"UNKNOWN",
         "state":"resolved",
         "non_datadog_creator":null,
         "visibility":"organization",
         "case_id":null
      },
      "relationships":{
         "created_by_user":{
            "data":{
               "type":"users",
               "id":"af292796-b738-11ed-bb14-6a6fc077be39"
            }
         },
         "last_modified_by_user":{
            "data":{
               "type":"users",
               "id":"af292796-b738-11ed-bb14-6a6fc077be39"
            }
         },
         "commander_user":{
            "data":{
               "type":"users",
               "id":"af292796-b738-11ed-bb14-6a6fc077be39"
            }
         },
         "user_defined_fields":{
            "data":[
               {
                  "type":"user_defined_field",
                  "id":"766d5d3c-58a1-503c-97de-25a7e884504d"
               },
               {
                  "type":"user_defined_field",
                  "id":"ee92e695-107e-5700-8d7e-4815ceec9923"
               },
               {
                  "type":"user_defined_field",
                  "id":"e51285b5-6210-51d2-8d39-8a74312c1307"
               },
               {
                  "type":"user_defined_field",
                  "id":"6f8e7b10-3190-5426-8bd7-ad105b9b27ab"
               },
               {
                  "type":"user_defined_field",
                  "id":"cb3aa49a-b0b0-515c-bbb1-e2fa57a69a4d"
               },
               {
                  "type":"user_defined_field",
                  "id":"35ee9427-1441-5814-8c05-f8df176227c1"
               },
               {
                  "type":"user_defined_field",
                  "id":"cfd4e544-c64a-5ccc-b412-a2ec6f7ac981"
               }
            ]
         },
         "integrations":{
            "data":[
               
            ]
         },
         "attachments":{
            "data":[
               
            ]
         },
         "responders":{
            "data":[
               {
                  "type":"incident_responders",
                  "id":"8aa4073c-ac34-5fdb-a732-8e3dd3983988"
               }
            ]
         },
         "impacts":{
            "data":[
               
            ]
         }
      }
   },
   "error":null,
   "has_error":false
}

List Incidents

Get all incidents for the user’s organization. This endpoint requires the incident_read authorization scope.

Input Field

Choose a connection that you have previously created and then fill in the necessary information in the following input fields to complete the connection.

Input NameDescriptionRequired
Additional ParamsJinja-templated JSON containing params to be passed in request. Example: '{"page[size]": 2,"page[offset]": 3}'Optional

Output

JSON containing the following items:

{
   "data":[
      {
         "type":"incidents",
         "id":"aca3b9a2-012b-506d-b2e1-8ee48b2dca87",
         "attributes":{
            "public_id":1,
            "title":"Example-Create_an_incident_returns_CREATED_response",
            "resolved":null,
            "customer_impact_scope":null,
            "customer_impact_start":null,
            "customer_impact_end":null,
            "customer_impacted":false,
            "notification_handles":null,
            "last_modified_by_uuid":"af292796-b738-11ed-bb14-6a6fc077be39",
            "created":"2023-02-28T09:58:26.388721+00:00",
            "modified":"2023-02-28T09:58:26.388721+00:00",
            "detected":"2023-02-28T09:58:26.378626+00:00",
            "created_by_uuid":"af292796-b738-11ed-bb14-6a6fc077be39",
            "creation_idempotency_key":null,
            "customer_impact_duration":0,
            "time_to_detect":0,
            "time_to_repair":0,
            "time_to_internal_response":0,
            "time_to_resolve":0,
            "fields":{
               "severity":{
                  "type":"dropdown",
                  "value":"UNKNOWN"
               },
               "state":{
                  "type":"dropdown",
                  "value":"resolved"
               },
               "detection_method":{
                  "type":"dropdown",
                  "value":"unknown"
               },
               "root_cause":{
                  "type":"textbox",
                  "value":null
               },
               "summary":{
                  "type":"textbox",
                  "value":null
               },
               "services":{
                  "type":"autocomplete",
                  "value":null
               },
               "teams":{
                  "type":"autocomplete",
                  "value":null
               }
            },
            "field_analytics":null,
            "severity":"UNKNOWN",
            "state":"resolved",
            "non_datadog_creator":null,
            "visibility":"organization",
            "case_id":null
         },
         "relationships":{
            "created_by_user":{
               "data":{
                  "type":"users",
                  "id":"af292796-b738-11ed-bb14-6a6fc077be39"
               }
            },
            "last_modified_by_user":{
               "data":{
                  "type":"users",
                  "id":"af292796-b738-11ed-bb14-6a6fc077be39"
               }
            },
            "commander_user":{
               "data":{
                  "type":"users",
                  "id":"af292796-b738-11ed-bb14-6a6fc077be39"
               }
            },
            "user_defined_fields":{
               "data":[
                  {
                     "type":"user_defined_field",
                     "id":"766d5d3c-58a1-503c-97de-25a7e884504d"
                  },
                  {
                     "type":"user_defined_field",
                     "id":"ee92e695-107e-5700-8d7e-4815ceec9923"
                  },
                  {
                     "type":"user_defined_field",
                     "id":"e51285b5-6210-51d2-8d39-8a74312c1307"
                  },
                  {
                     "type":"user_defined_field",
                     "id":"6f8e7b10-3190-5426-8bd7-ad105b9b27ab"
                  },
                  {
                     "type":"user_defined_field",
                     "id":"cb3aa49a-b0b0-515c-bbb1-e2fa57a69a4d"
                  },
                  {
                     "type":"user_defined_field",
                     "id":"35ee9427-1441-5814-8c05-f8df176227c1"
                  },
                  {
                     "type":"user_defined_field",
                     "id":"cfd4e544-c64a-5ccc-b412-a2ec6f7ac981"
                  }
               ]
            },
            "integrations":{
               "data":[
                  
               ]
            },
            "attachments":{
               "data":[
                  
               ]
            },
            "responders":{
               "data":[
                  {
                     "type":"incident_responders",
                     "id":"a2cfc337-45fc-5490-aeed-54e8e34f4f70"
                  }
               ]
            },
            "impacts":{
               "data":[
                  
               ]
            }
         }
      }
   ],
   "meta":{
      "pagination":{
         "offset":0,
         "next_offset":5,
         "size":5
      }
   },
   "error":null,
   "has_error":false
}

Get Incident Details

Get the details of an incident by incident_id. This endpoint requires the incident_read authorization scope.

Input Field

Choose a connection that you have previously created and then fill in the necessary information in the following input fields to complete the connection.

Input NameDescriptionRequired
Incident IdJinja-templated text containing the incident Id. Example: 'asdfasfeaw-awef-awef-asdfasdf'Required

Output

JSON containing the following items:

{
   "data":{
      "type":"incidents",
      "id":"e144dd7f-8206-50e8-8c90-b0df0ea2d457",
      "attributes":{
         "public_id":17,
         "title":"testIncident2_IJ",
         "resolved":null,
         "customer_impact_scope":null,
         "customer_impact_start":null,
         "customer_impact_end":null,
         "customer_impacted":false,
         "notification_handles":null,
         "last_modified_by_uuid":"af292796-b738-11ed-bb14-6a6fc077be39",
         "created":"2023-03-07T09:29:22.997133+00:00",
         "modified":"2023-03-07T09:29:22.997133+00:00",
         "detected":"2023-03-07T09:29:22.980725+00:00",
         "created_by_uuid":"af292796-b738-11ed-bb14-6a6fc077be39",
         "creation_idempotency_key":null,
         "customer_impact_duration":0,
         "time_to_detect":0,
         "time_to_repair":0,
         "time_to_internal_response":0,
         "time_to_resolve":0,
         "fields":{
            "severity":{
               "type":"dropdown",
               "value":"UNKNOWN"
            },
            "state":{
               "type":"dropdown",
               "value":"resolved"
            },
            "detection_method":{
               "type":"dropdown",
               "value":"unknown"
            },
            "root_cause":{
               "type":"textbox",
               "value":null
            },
            "summary":{
               "type":"textbox",
               "value":null
            },
            "services":{
               "type":"autocomplete",
               "value":null
            },
            "teams":{
               "type":"autocomplete",
               "value":null
            }
         },
         "field_analytics":null,
         "severity":"UNKNOWN",
         "state":"resolved",
         "non_datadog_creator":null,
         "visibility":"organization",
         "case_id":null
      },
      "relationships":{
         "created_by_user":{
            "data":{
               "type":"users",
               "id":"af292796-b738-11ed-bb14-6a6fc077be39"
            }
         },
         "last_modified_by_user":{
            "data":{
               "type":"users",
               "id":"af292796-b738-11ed-bb14-6a6fc077be39"
            }
         },
         "commander_user":{
            "data":{
               "type":"users",
               "id":"af292796-b738-11ed-bb14-6a6fc077be39"
            }
         },
         "user_defined_fields":{
            "data":[
               {
                  "type":"user_defined_field",
                  "id":"766d5d3c-58a1-503c-97de-25a7e884504d"
               },
               {
                  "type":"user_defined_field",
                  "id":"ee92e695-107e-5700-8d7e-4815ceec9923"
               },
               {
                  "type":"user_defined_field",
                  "id":"e51285b5-6210-51d2-8d39-8a74312c1307"
               },
               {
                  "type":"user_defined_field",
                  "id":"6f8e7b10-3190-5426-8bd7-ad105b9b27ab"
               },
               {
                  "type":"user_defined_field",
                  "id":"cb3aa49a-b0b0-515c-bbb1-e2fa57a69a4d"
               },
               {
                  "type":"user_defined_field",
                  "id":"35ee9427-1441-5814-8c05-f8df176227c1"
               },
               {
                  "type":"user_defined_field",
                  "id":"cfd4e544-c64a-5ccc-b412-a2ec6f7ac981"
               }
            ]
         },
         "integrations":{
            "data":[
               
            ]
         },
         "attachments":{
            "data":[
               
            ]
         },
         "responders":{
            "data":[
               {
                  "type":"incident_responders",
                  "id":"8aa4073c-ac34-5fdb-a732-8e3dd3983988"
               }
            ]
         },
         "impacts":{
            "data":[
               
            ]
         }
      }
   },
   "error":null,
   "has_error":false
}

Delete an Incident

Deletes an existing incident from the users organization. This endpoint requires the incident_write authorization scope.

Input Field

Choose a connection that you have previously created and then fill in the necessary information in the following input fields to complete the connection.

Input NameDescriptionRequired
Incident IdJinja-templated text containing the incident Id. Example: 'asdfasfeaw-awef-awef-asdfasdf'Required

Output

JSON containing the following items:

{
   "message":"Incident deleted successfully",
   "error":null,
   "has_error":false
}

Update an Incident

Updates an incident. Provide only the attributes that should be updated as this request is a partial update. This endpoint requires the incident_write authorization scope.

Input Field

Choose a connection that you have previously created and then fill in the necessary information in the following input fields to complete the connection.

Input NameDescriptionRequired
Incident IdJinja-templated text containing the incident Id. Example: 'asdfasfeaw-awef-awef-asdfasdf'Required
IncidentJinja-templated JSON containing body of the request. Example: '{"data": {"type": "incidents","attributes": {"title": "Example-Create_an_incident_returns_CREATED_response","customer_impacted": false,"fields": {"state": {"type": "dropdown","value": "resolved"}}},"relationships": {"commander_user": {"data": {"type": "users","id": "af292796-b738-11ed-bb14-6a6fc077be39"}}}}}'Required

Output

JSON containing the following items:

{
   "data":{
      "type":"incidents",
      "id":"67ac753b-9d59-50ee-8726-94af01466541",
      "attributes":{
         "public_id":18,
         "title":"testIncident1_IJ",
         "resolved":null,
         "customer_impact_scope":null,
         "customer_impact_start":null,
         "customer_impact_end":null,
         "customer_impacted":false,
         "notification_handles":null,
         "last_modified_by":{
            "data":{
               "type":"users",
               "id":"af292796-b738-11ed-bb14-6a6fc077be39",
               "attributes":{
                  "uuid":"af292796-b738-11ed-bb14-6a6fc077be39",
                  "handle":"[email protected]",
                  "email":"[email protected]",
                  "name":"Sumit yadav",
                  "icon":"https://secure.gravatar.com/avatar/0902013a35e2d0dfd135f189fbc25532?s=48&d=retro"
               }
            }
         },
         "last_modified_by_uuid":"af292796-b738-11ed-bb14-6a6fc077be39",
         "created":"2023-03-07T09:29:23.969207+00:00",
         "modified":"2023-03-07T09:33:10.086200+00:00",
         "commander":{
            "data":{
               "type":"users",
               "id":"af292796-b738-11ed-bb14-6a6fc077be39",
               "attributes":{
                  "uuid":"af292796-b738-11ed-bb14-6a6fc077be39",
                  "handle":"[email protected]",
                  "email":"[email protected]",
                  "name":"Sumit yadav",
                  "icon":"https://secure.gravatar.com/avatar/0902013a35e2d0dfd135f189fbc25532?s=48&d=retro"
               }
            }
         },
         "detected":"2023-03-07T09:29:23.962682+00:00",
         "created_by":{
            "data":{
               "type":"users",
               "id":"af292796-b738-11ed-bb14-6a6fc077be39",
               "attributes":{
                  "uuid":"af292796-b738-11ed-bb14-6a6fc077be39",
                  "handle":"[email protected]",
                  "email":"[email protected]",
                  "name":"Sumit yadav",
                  "icon":"https://secure.gravatar.com/avatar/0902013a35e2d0dfd135f189fbc25532?s=48&d=retro"
               }
            }
         },
         "created_by_uuid":"af292796-b738-11ed-bb14-6a6fc077be39",
         "creation_idempotency_key":null,
         "customer_impact_duration":0,
         "time_to_detect":0,
         "time_to_repair":0,
         "time_to_internal_response":0,
         "time_to_resolve":0,
         "fields":{
            "severity":{
               "type":"dropdown",
               "value":"UNKNOWN"
            },
            "state":{
               "type":"dropdown",
               "value":"active"
            },
            "detection_method":{
               "type":"dropdown",
               "value":"unknown"
            },
            "root_cause":{
               "type":"textbox",
               "value":null
            },
            "summary":{
               "type":"textbox",
               "value":null
            },
            "services":{
               "type":"autocomplete",
               "value":null
            },
            "teams":{
               "type":"autocomplete",
               "value":null
            }
         },
         "field_analytics":null,
         "severity":"UNKNOWN",
         "state":"active",
         "non_datadog_creator":null,
         "visibility":"organization",
         "case_id":null
      },
      "relationships":{
         "created_by_user":{
            "data":{
               "type":"users",
               "id":"af292796-b738-11ed-bb14-6a6fc077be39"
            }
         },
         "last_modified_by_user":{
            "data":{
               "type":"users",
               "id":"af292796-b738-11ed-bb14-6a6fc077be39"
            }
         },
         "commander_user":{
            "data":{
               "type":"users",
               "id":"af292796-b738-11ed-bb14-6a6fc077be39"
            }
         },
         "user_defined_fields":{
            "data":[
               {
                  "type":"user_defined_field",
                  "id":"766d5d3c-58a1-503c-97de-25a7e884504d"
               },
               {
                  "type":"user_defined_field",
                  "id":"ee92e695-107e-5700-8d7e-4815ceec9923"
               },
               {
                  "type":"user_defined_field",
                  "id":"e51285b5-6210-51d2-8d39-8a74312c1307"
               },
               {
                  "type":"user_defined_field",
                  "id":"6f8e7b10-3190-5426-8bd7-ad105b9b27ab"
               },
               {
                  "type":"user_defined_field",
                  "id":"cb3aa49a-b0b0-515c-bbb1-e2fa57a69a4d"
               },
               {
                  "type":"user_defined_field",
                  "id":"35ee9427-1441-5814-8c05-f8df176227c1"
               },
               {
                  "type":"user_defined_field",
                  "id":"cfd4e544-c64a-5ccc-b412-a2ec6f7ac981"
               }
            ]
         },
         "integrations":{
            "data":[
               
            ]
         },
         "attachments":{
            "data":[
               
            ]
         },
         "responders":{
            "data":[
               {
                  "type":"incident_responders",
                  "id":"6add0c53-929d-593d-9c62-06882916a377"
               }
            ]
         },
         "impacts":{
            "data":[
               
            ]
         }
      }
   },
   "error":null,
   "has_error":false
}

List Attachments

Get all attachments for a given incident. This endpoint requires the incident_read authorization scope.

Input Field

Choose a connection that you have previously created and then fill in the necessary information in the following input fields to complete the connection.

Input NameDescriptionRequired
Incident IdJinja-templated text containing the incident Id. Example: 'asdfasfeaw-awef-awef-asdfasdf'Required

Output

JSON containing the following items:

{
   "data":[
      {
         "type":"incident_attachments",
         "id":"5062eaab-e856-5c60-a514-bcf3a1f3d6f0",
         "attributes":{
            "modified":"2023-03-07T09:36:47.656548+00:00",
            "attachment_type":"link",
            "attachment":{
               "title":"Example-Create_an_incident_attachment_returns_OK_response",
               "documentUrl":"https://docs.google.com/spreadsheets/d/1R1C1Lx_0ELE3xc"
            }
         },
         "relationships":{
            "last_modified_by_user":{
               "data":{
                  "type":"users",
                  "id":"af292796-b738-11ed-bb14-6a6fc077be39"
               }
            }
         }
      }
   ],
   "error":null,
   "has_error":false
}

Create, Update, and Delete Incident Attachments

The bulk update endpoint for creating, updating, and deleting attachments for a given incident.

Input Field

Choose a connection that you have previously created and then fill in the necessary information in the following input fields to complete the connection.

Input NameDescriptionRequired
Incident IdJinja-templated text containing the incident Id. Example: 'asdfasfeaw-awef-awef-asdfasdf'Required
Attachment DetailsJinja-templated JSON containing data which is An array of incident attachments. An attachment object without an "id" key indicates that you want to create that attachment. An attachment object without an "attributes" key indicates that you want to delete that attachment. An attachment object with both the "id" key and a populated "attributes" object indicates that you want to update that attachment. Example: '{"data": [{"type": "incident_attachments","attributes": {"attachment_type": "link/postmortem","attachment": {"documentUrl": "https://www.example.com/doc","title": "Example-Create_an_incident_attachment_returns_OK_response"}}}]}'Optional

Output

JSON containing the following items:

{
   "data":[
      {
         "type":"incident_attachments",
         "id":"5062eaab-e856-5c60-a514-bcf3a1f3d6f0",
         "attributes":{
            "modified":"2023-03-07T09:36:47.656548+00:00",
            "attachment_type":"link",
            "attachment":{
               "title":"Example-Create_an_incident_attachment_returns_OK_response",
               "documentUrl":"https://docs.google.com/spreadsheets/d/1R1C1Lx_0ELE3xc"
            }
         },
         "relationships":{
            "last_modified_by_user":{
               "data":{
                  "type":"users",
                  "id":"af292796-b738-11ed-bb14-6a6fc077be39"
               }
            }
         }
      }
   ],
   "error":null,
   "has_error":false
}

List Users

Get the list of all users in the organization. This list includes all users even if they are deactivated or unverified. This endpoint requires the user_access_read authorization scope.

Input Field

Choose a connection that you have previously created and then fill in the necessary information in the following input fields to complete the connection.

Input NameDescriptionRequired
Additional ParamsJinja-templated JSON containing params to be passed in request. Example: '{"page[size]": 2,"page[offset]": 3, filter[status]:"Disabled"}'Optional

Output

JSON containing the following items:

{
   "included":[
      {
         "type":"permissions",
         "id":"c13a2368-7d61-11ed-b5b7-da7ad0900002",
         "attributes":{
            "name":"continuous_profiler_read",
            "display_name":"Continuous Profiler Read",
            "description":"View data in Continuous Profiler.",
            "created":"2022-12-16T16:50:32.545882+00:00",
            "group_name":"APM",
            "display_type":"read",
            "restricted":false
         }
      }
   ],
   "data":[
      {
         "type":"users",
         "id":"af292796-b738-11ed-bb14-6asdfasdf",
         "attributes":{
            "name":"Sumit yadav",
            "handle":"[email protected]",
            "created_at":"2023-02-28T07:22:40.312284+00:00",
            "modified_at":"2023-02-28T07:22:40.316250+00:00",
            "email":"[email protected]",
            "icon":"https://secure.gravatar.com/avatar/0902013a35e2d0dfd135f189fbc25532?s=48&d=retro",
            "title":null,
            "verified":true,
            "service_account":false,
            "disabled":false,
            "allowed_login_methods":[
               
            ],
            "status":"Active"
         },
         "relationships":{
            "roles":{
               "data":[
                  {
                     "type":"roles",
                     "id":"aef1c858-b738-11ed-bdbf-da7ad0900002"
                  }
               ]
            },
            "org":{
               "data":{
                  "type":"orgs",
                  "id":"aee0c5b2-b738-11ed-84b1-da7ad0900002"
               }
            }
         }
      }
   ],
   "has_error":false,
   "meta":{
      "page":{
         "total_count":1,
         "total_filtered_count":1
      }
   },
   "error":null
}

Release Notes

  • v2.1.2 - Added 8 new actions: Create an Incident, List Incidents, Get Incident Details, Delete an Incident, Update an Incident, List Attachments, Create, Update, and Delete Incident Attachments and List Users.
  • v2.0.0 - Updated architecture to support IO via filesystem