Datadog
App Vendor: Datadog
App Category: Analytics & SIEM
Connector Version: 1.1.0
API Version: v1 & v2
Note
This app is currently released as a beta version.
About App
Datadog is a comprehensive monitoring and security platform for cloud applications, seamlessly aggregating data across infrastructure, applications, and logs. It enables businesses to improve performance and accelerate decision-making with real-time insights.
The Datadog app is configured with Orchestrate to perform the following actions:
Action Name | Description |
|---|---|
Create Incident | This action creates an incident. |
Delete Incident | This action deletes an incident. |
Get Incident | This action retrieves an incident by the given incident ID. |
List Incidents | This action lists all the incidents. |
List IP Allowlist | This action lists all IP allowlists. |
List IP Ranges | This action lists all the IP ranges. |
Search Incident | This action searches for incidents. |
Update Incident | This action updates an incident. |
Update IP Allowlist | This action updates an IP allowlist. |
Generic Action | This is a generic action used to make requests to any Datadog endpoint. |
Configuration Parameters
The following configuration parameters are required for the Datadog app to communicate with the Datadog enterprise application. The parameters can be configured by creating instances in the app.
Parameter | Description | Field Type | Required/Optional | Comments |
|---|---|---|---|---|
API Key | Enter the API key to authenticate with Datadog. | Password | Required | |
Region | Enter the region of the API. | Text | Required | Allowed values: us1 (Region: US, Base URL: https://app.datadoghq.com) us3 (Region: US, Base URL: https://us3.datadoghq.com) us5 (Region: US, Base URL: https://us5.datadoghq.com) eu1 (Region: EU (Germany), Base URL: https://app.datadoghq.eu) ap1 (Region: Japan, Base URL: https://ap1.datadoghq.com) us1_fed (Region: US, Base URL: https://app.ddog-gov.com) |
Version | Enter the version of the API. | Text | Optional | |
Application Key | Enter the application key to authenticate with Datadog. | Text | Optional | |
Timeout | Enter the timeout value in seconds. This is the number of seconds that requests will wait to establish a connection with Datadog. | Integer | Optional | Allowed range: 15-120 Default value: 15 |
Verify | Choose your preference to verify SSL or TLS while making requests. It is recommended to set this option to yes. Passing no may result in incorrectly establishing the connection. | Boolean | Optional | Default value: true |
Action: Create Incident
This action creates an incident.
Action Input Parameters
Parameter | Description | Field Type | Required/Optional | Comments |
|---|---|---|---|---|
Incident Data | Enter the incident data as a list of dictionaries to create the incident. | Key Value | Required |
Example Request
[
{
"data": {
"type": "incidents",
"attributes": {
"title": "Sample Incident"
}
}
}
]Action: Delete Incident
This action deletes an incident.
Action Input Parameters
Parameter | Description | Field Type | Required/Optional | Comments |
|---|---|---|---|---|
Incident ID | Enter the incident ID to delete the incident. Example: 0659a6d3-2cf8-5a2d-b694-fc813aa28c67 | Text | Required | You can retrieve this using the action List Incidents. |
Example Request
[
{
"incident_id": "0659a6d3-2cf8-5a2d-b694-fc813aa28c67"
}
]Action: Get Incident
This action retrieves an incident by the given incident ID.
Action Input Parameters
Parameter | Description | Field Type | Required/Optional | Comments |
|---|---|---|---|---|
Incident ID | Enter the incident ID to get the incident. Example: 0659a6d3-2cf8-5a2d-b694-fc813aa28c67 | Text | Required | You can retrieve this using the action List Incidents. |
Include | Specify the types of related objects that should be included in the response. Example: [\"incident_type\", \"user\"] | List | Optional |
Example Request
[
{
"incident_id": "0659a6d3-2cf8-5a2d-b694-fc813aa28c67"
}
]Action: List Incidents
This action lists all the incidents.
Action Input Parameters
Parameter | Description | Field Type | Required/Optional | Comments |
|---|---|---|---|---|
Include | Specify the types of related objects that should be included in the response. [\"incident_type\", \"user\"] | List | Optional | |
Page Size | Enter the maximum number of incidents to be returned. | Integer | Optional | Allowed range: 1-100 |
Page Offset | Enter the offset value to specify the starting point of the page to be returned. | Integer | Optional |
Example Request
[
{
"include": [
{
"type": "users"
}
]
}
]Action: List IP Allowlist
This action lists all IP allowlists.
Note
This action is available only for enterprise users. To request access, see Datadog API Documentation or contact Datadog support.
Action Input Parameters
No input parameters are required for this action.
Action: List IP Ranges
This action lists all IP ranges.
Action Input Parameters
No input parameters are required for this action.
Action: Search Incident
This action searches for incidents.
Action Input Parameters
Parameter | Description | Field Type | Required/Optional | Comments |
|---|---|---|---|---|
Query | Enter the search query to execute the action. | Text | Required | The query can contain any number of incident facets joined by ANDs, along with multiple values for each of those facets joined by ORs. For example: state: active AND severity: (SEV-2 OR SEV-1) |
Page Size | Enter the maximum number of incidents to be returned. | Integer | Optional | Allowed range: 1-100 |
Page Offset | Enter the offset value to specify the starting point of the page to be returned. | Integer | Optional | |
Include | Specify the types of related objects that should be included in the response. Example: [\"incident_type\", \"user\"] | Text | Optional | |
Sort | Enter the order to sort the response. | Text | Optional | Allowed values are created and -created. |
Example Request
[
{
"sort": "-created",
"query": "[state:stable AND severity:(SEV-2 OR SEV-1)]"
}
]Action: Update Incident
This action updates an incident.
Action Input Parameters
Parameter | Description | Field Type | Required/Optional | Comments |
|---|---|---|---|---|
Incident ID | Enter the incident ID to update. Example: 0659a6d3-2cf8-5a2d-b694-fc813aa28c67 | Text | Required | You can retrieve this using the action List Incidents. |
Data | Enter the incident data as a list of dictionaries to update the incident. | Key Value | Required | |
Include | Specify the types of related objects that should be included in the response. Example: [\"incident_type\", \"user\"] | List | Optional |
Example Request
[
{
"data": {
"id": "a770f47e-eacb-5359-b4ff-429b307952e9",
"type": "incidents",
"attributes": {
"fields": {
"state": {
"type": "dropdown",
"value": "resolved"
}
},
"title": "Updating incident"
}
}
}
]Action: Update IP Allowlist
This action updates an IP allowlist.
Note
This action is available only for enterprise users. To request access, see Datadog API Documentation or contact Datadog support.
Action Input Parameters
Parameter | Description | Field Type | Required/Optional | Comments |
|---|---|---|---|---|
CIDR | Enter the CIDR range to the allowlist. Example: 127.0.0.1 | Text | Required | |
Note | Enter the note for the IP allowlist. Example: Allowlist for testing | Text | Optional | |
ID | Enter the ID of the IP allowlist. | Text | Optional | You can retrieve this using the action List IP Allowlist. |
Org ID | Enter the organization ID. | Text | Optional | |
Enabled | Enter the value to indicate whether the IP allowlist is enabled. | Boolean | Optional | Allowed values:
Default value: false |
Example Request
[
{
"cidr": "127.0.0.2"
}
]Action: Generic Action
This is a generic action used to make requests to any Datadog endpoint.
Action Input Parameters
Parameter | Description | Field Type | Required/Optional | Comments |
|---|---|---|---|---|
Method | Enter the HTTP method to make the request. Example: GET | Text | Required | Allowed values:
|
Endpoint | Enter the endpoint to make the request. Example: /ip_allowlist | Text | Required | |
Query Params | Enter the query parameters to pass to the API. | Key Value | Optional | |
Payload | Enter the payload to pass to the API. | Key Value | Optional | |
Extra Fields | Enter the extra fields to pass to the API. | Key Value | Optional | Allowed keys: payload_data, custom_output, download, filename, files, retry_count, retry_wait, response_type |
Example Request
[
{
"method": "GET",
"endpoint": "incidents/95391e85-b9d4-5292-a7e0-60e67be876a9/attachments",
"extra_fields": {},
"query_params": {}
}
]