Document signals triage update endpoints

.generator/schemas/v2/openapi.yaml

@@ -64574,6 +64574,38 @@ components:
       type: string
       x-enum-varnames:
         - SIGNAL
+    SecurityMonitoringSignalUpdateAttributes:
+      description: Attributes for updating the triage state or assignee of a security signal.
+      properties:
+        archive_comment:
+          $ref: "#/components/schemas/SecurityMonitoringSignalArchiveComment"
+        archive_reason:
+          $ref: "#/components/schemas/SecurityMonitoringSignalArchiveReason"
+        assignee:
+          $ref: "#/components/schemas/SecurityMonitoringTriageUser"
+        state:
+          $ref: "#/components/schemas/SecurityMonitoringSignalState"
+        version:
+          $ref: "#/components/schemas/SecurityMonitoringSignalVersion"
+      type: object
+    SecurityMonitoringSignalUpdateData:
+      description: Data containing the triage state or assignee update for a security signal.
+      properties:
+        attributes:
+          $ref: "#/components/schemas/SecurityMonitoringSignalUpdateAttributes"
+        type:
+          $ref: "#/components/schemas/SecurityMonitoringSignalMetadataType"
+      required:
+        - attributes
+      type: object
+    SecurityMonitoringSignalUpdateRequest:
+      description: Request body for updating the triage state or assignee of a security signal.
+      properties:
+        data:
+          $ref: "#/components/schemas/SecurityMonitoringSignalUpdateData"
+      required:
+        - data
+      type: object
     SecurityMonitoringSignalVersion:
       description: Version of the updated signal. If server side version is higher, update will be rejected.
       format: int64
@@ -64727,6 +64759,33 @@ components:
         - count
         - events
       type: object
+    SecurityMonitoringSignalsBulkUpdateData:
+      description: Data for updating a single security signal in a bulk update operation.
+      properties:
+        attributes:
+          $ref: "#/components/schemas/SecurityMonitoringSignalUpdateAttributes"
+        id:
+          description: The unique ID of the security signal.
+          example: AAAAAWgN8Xwgr1vKDQAAAABBV2dOOFh3ZzZobm1mWXJFYTR0OA
+          type: string
+        type:
+          $ref: "#/components/schemas/SecurityMonitoringSignalType"
+      required:
+        - id
+        - attributes
+      type: object
+    SecurityMonitoringSignalsBulkUpdateRequest:
+      description: Request body for updating multiple attributes of multiple security signals.
+      properties:
+        data:
+          description: An array of signal updates.
+          items:
+            $ref: "#/components/schemas/SecurityMonitoringSignalsBulkUpdateData"
+          maxItems: 199
+          type: array
+      required:
+        - data
+      type: object
     SecurityMonitoringSignalsListResponse:
       description: "The response object with all security signals matching the request\nand pagination information."
       properties:
@@ -119533,6 +119592,51 @@ paths:
         operator: OR
         permissions:
           - security_monitoring_signals_write
+  /api/v2/security_monitoring/signals/bulk/update:
+    patch:
+      description: |-
+        Update the triage state or assignee of multiple security signals at once.
+        The maximum number of signals that can be updated in a single request is 199.
+      operationId: BulkEditSecurityMonitoringSignals
+      requestBody:
+        content:
+          application/json:
+            schema:
+              $ref: "#/components/schemas/SecurityMonitoringSignalsBulkUpdateRequest"
+        description: Attributes describing the signal updates.
+        required: true
+      responses:
+        "200":
+          content:
+            application/json:
+              schema:
+                $ref: "#/components/schemas/SecurityMonitoringSignalsBulkTriageUpdateResponse"
+          description: OK
+        "400":
+          content:
+            application/json:
+              schema:
+                $ref: "#/components/schemas/JSONAPIErrorResponse"
+          description: Bad Request
+        "403":
+          content:
+            application/json:
+              schema:
+                $ref: "#/components/schemas/JSONAPIErrorResponse"
+          description: Forbidden
+        "429":
+          $ref: "#/components/responses/TooManyRequestsResponse"
+      security:
+        - apiKeyAuth: []
+          appKeyAuth: []
+        - AuthZ: []
+      summary: Bulk update security signals
+      tags: ["Security Monitoring"]
+      x-codegen-request-body-name: body
+      "x-permission":
+        operator: OR
+        permissions:
+          - security_monitoring_signals_write
   /api/v2/security_monitoring/signals/search:
     post:
       description: |-
@@ -119855,6 +119959,58 @@ paths:
         permissions:
           - security_monitoring_rules_read
           - security_monitoring_signals_read
+  /api/v2/security_monitoring/signals/{signal_id}/update:
+    patch:
+      description: |-
+        Update the triage state or assignee of a security signal.
+      operationId: EditSecurityMonitoringSignal
+      parameters:
+        - $ref: "#/components/parameters/SignalID"
+      requestBody:
+        content:
+          application/json:
+            schema:
+              $ref: "#/components/schemas/SecurityMonitoringSignalUpdateRequest"
+        description: Attributes describing the signal triage state or assignee update.
+        required: true
+      responses:
+        "200":
+          content:
+            application/json:
+              schema:
+                $ref: "#/components/schemas/SecurityMonitoringSignalTriageUpdateResponse"
+          description: OK
+        "400":
+          content:
+            application/json:
+              schema:
+                $ref: "#/components/schemas/JSONAPIErrorResponse"
+          description: Bad Request
+        "403":
+          content:
+            application/json:
+              schema:
+                $ref: "#/components/schemas/JSONAPIErrorResponse"
+          description: Forbidden
+        "404":
+          content:
+            application/json:
+              schema:
+                $ref: "#/components/schemas/JSONAPIErrorResponse"
+          description: Not Found
+        "429":
+          $ref: "#/components/responses/TooManyRequestsResponse"
+      security:
+        - apiKeyAuth: []
+          appKeyAuth: []
+        - AuthZ: []
+      summary: Update security signal triage state or assignee
+      tags: ["Security Monitoring"]
+      x-codegen-request-body-name: body
+      "x-permission":
+        operator: OR
+        permissions:
+          - security_monitoring_signals_write
   /api/v2/security_monitoring/terraform/{resource_type}/bulk:
     post:
       description: |-

docs/datadog_api_client.v2.model.rst

@@ -28697,6 +28697,27 @@ datadog\_api\_client.v2.model.security\_monitoring\_signal\_type module
    :members:
    :show-inheritance:
 
+datadog\_api\_client.v2.model.security\_monitoring\_signal\_update\_attributes module
+-------------------------------------------------------------------------------------
+
+.. automodule:: datadog_api_client.v2.model.security_monitoring_signal_update_attributes
+   :members:
+   :show-inheritance:
+
+datadog\_api\_client.v2.model.security\_monitoring\_signal\_update\_data module
+-------------------------------------------------------------------------------
+
+.. automodule:: datadog_api_client.v2.model.security_monitoring_signal_update_data
+   :members:
+   :show-inheritance:
+
+datadog\_api\_client.v2.model.security\_monitoring\_signal\_update\_request module
+----------------------------------------------------------------------------------
+
+.. automodule:: datadog_api_client.v2.model.security_monitoring_signal_update_request
+   :members:
+   :show-inheritance:
+
 datadog\_api\_client.v2.model.security\_monitoring\_signals\_bulk\_assignee\_update\_attributes module
 ------------------------------------------------------------------------------------------------------
 
@@ -28760,6 +28781,20 @@ datadog\_api\_client.v2.model.security\_monitoring\_signals\_bulk\_triage\_updat
    :members:
    :show-inheritance:
 
+datadog\_api\_client.v2.model.security\_monitoring\_signals\_bulk\_update\_data module
+--------------------------------------------------------------------------------------
+
+.. automodule:: datadog_api_client.v2.model.security_monitoring_signals_bulk_update_data
+   :members:
+   :show-inheritance:
+
+datadog\_api\_client.v2.model.security\_monitoring\_signals\_bulk\_update\_request module
+-----------------------------------------------------------------------------------------
+
+.. automodule:: datadog_api_client.v2.model.security_monitoring_signals_bulk_update_request
+   :members:
+   :show-inheritance:
+
 datadog\_api\_client.v2.model.security\_monitoring\_signals\_list\_response module
 ----------------------------------------------------------------------------------
 

examples/v2/security-monitoring/BulkEditSecurityMonitoringSignals.py

@@ -0,0 +1,42 @@
+"""
+Bulk update security signals returns "OK" response
+"""
+
+from datadog_api_client import ApiClient, Configuration
+from datadog_api_client.v2.api.security_monitoring_api import SecurityMonitoringApi
+from datadog_api_client.v2.model.security_monitoring_signal_archive_reason import SecurityMonitoringSignalArchiveReason
+from datadog_api_client.v2.model.security_monitoring_signal_state import SecurityMonitoringSignalState
+from datadog_api_client.v2.model.security_monitoring_signal_type import SecurityMonitoringSignalType
+from datadog_api_client.v2.model.security_monitoring_signal_update_attributes import (
+    SecurityMonitoringSignalUpdateAttributes,
+)
+from datadog_api_client.v2.model.security_monitoring_signals_bulk_update_data import (
+    SecurityMonitoringSignalsBulkUpdateData,
+)
+from datadog_api_client.v2.model.security_monitoring_signals_bulk_update_request import (
+    SecurityMonitoringSignalsBulkUpdateRequest,
+)
+from datadog_api_client.v2.model.security_monitoring_triage_user import SecurityMonitoringTriageUser
+
+body = SecurityMonitoringSignalsBulkUpdateRequest(
+    data=[
+        SecurityMonitoringSignalsBulkUpdateData(
+            attributes=SecurityMonitoringSignalUpdateAttributes(
+                archive_reason=SecurityMonitoringSignalArchiveReason.NONE,
+                assignee=SecurityMonitoringTriageUser(
+                    uuid="773b045d-ccf8-4808-bd3b-955ef6a8c940",
+                ),
+                state=SecurityMonitoringSignalState.OPEN,
+            ),
+            id="AAAAAWgN8Xwgr1vKDQAAAABBV2dOOFh3ZzZobm1mWXJFYTR0OA",
+            type=SecurityMonitoringSignalType.SIGNAL,
+        ),
+    ],
+)
+
+configuration = Configuration()
+with ApiClient(configuration) as api_client:
+    api_instance = SecurityMonitoringApi(api_client)
+    response = api_instance.bulk_edit_security_monitoring_signals(body=body)
+
+    print(response)

examples/v2/security-monitoring/EditSecurityMonitoringSignal.py

@@ -0,0 +1,35 @@
+"""
+Update security signal triage state or assignee returns "OK" response
+"""
+
+from datadog_api_client import ApiClient, Configuration
+from datadog_api_client.v2.api.security_monitoring_api import SecurityMonitoringApi
+from datadog_api_client.v2.model.security_monitoring_signal_archive_reason import SecurityMonitoringSignalArchiveReason
+from datadog_api_client.v2.model.security_monitoring_signal_metadata_type import SecurityMonitoringSignalMetadataType
+from datadog_api_client.v2.model.security_monitoring_signal_state import SecurityMonitoringSignalState
+from datadog_api_client.v2.model.security_monitoring_signal_update_attributes import (
+    SecurityMonitoringSignalUpdateAttributes,
+)
+from datadog_api_client.v2.model.security_monitoring_signal_update_data import SecurityMonitoringSignalUpdateData
+from datadog_api_client.v2.model.security_monitoring_signal_update_request import SecurityMonitoringSignalUpdateRequest
+from datadog_api_client.v2.model.security_monitoring_triage_user import SecurityMonitoringTriageUser
+
+body = SecurityMonitoringSignalUpdateRequest(
+    data=SecurityMonitoringSignalUpdateData(
+        attributes=SecurityMonitoringSignalUpdateAttributes(
+            archive_reason=SecurityMonitoringSignalArchiveReason.NONE,
+            assignee=SecurityMonitoringTriageUser(
+                uuid="773b045d-ccf8-4808-bd3b-955ef6a8c940",
+            ),
+            state=SecurityMonitoringSignalState.OPEN,
+        ),
+        type=SecurityMonitoringSignalMetadataType.SIGNAL_METADATA,
+    ),
+)
+
+configuration = Configuration()
+with ApiClient(configuration) as api_client:
+    api_instance = SecurityMonitoringApi(api_client)
+    response = api_instance.edit_security_monitoring_signal(signal_id="signal_id", body=body)
+
+    print(response)