diff --git a/.buildkite/ftr_platform_stateful_configs.yml b/.buildkite/ftr_platform_stateful_configs.yml index 02d6355c212bd..301670605a0dd 100644 --- a/.buildkite/ftr_platform_stateful_configs.yml +++ b/.buildkite/ftr_platform_stateful_configs.yml @@ -351,6 +351,7 @@ enabled: - x-pack/performance/journeys_e2e/tsdb_logs_data_visualizer.ts - x-pack/performance/journeys_e2e/promotion_tracking_dashboard.ts - x-pack/performance/journeys_e2e/web_logs_dashboard.ts + - x-pack/performance/journeys_e2e/web_logs_dashboard_esql.ts - x-pack/performance/journeys_e2e/data_stress_test_lens.ts - x-pack/performance/journeys_e2e/ecommerce_dashboard_saved_search_only.ts - x-pack/performance/journeys_e2e/ecommerce_dashboard_tsvb_gauge_only.ts diff --git a/.buildkite/ftr_security_serverless_configs.yml b/.buildkite/ftr_security_serverless_configs.yml index 89ebb4aa12cd4..6d42c030b2d4f 100644 --- a/.buildkite/ftr_security_serverless_configs.yml +++ b/.buildkite/ftr_security_serverless_configs.yml @@ -81,6 +81,7 @@ enabled: - x-pack/test/security_solution_api_integration/test_suites/genai/knowledge_base/entries/trial_license_complete_tier/configs/serverless.config.ts - x-pack/test/security_solution_api_integration/test_suites/entity_analytics/risk_engine/trial_license_complete_tier/configs/serverless.config.ts - x-pack/test/security_solution_api_integration/test_suites/entity_analytics/risk_engine/basic_license_essentials_tier/configs/serverless.config.ts + - x-pack/test/security_solution_api_integration/test_suites/entity_analytics/entity_store/trial_license_complete_tier/configs/serverless.config.ts - x-pack/test/security_solution_api_integration/test_suites/lists_and_exception_lists/exception_lists_items/trial_license_complete_tier/configs/serverless.config.ts - x-pack/test/security_solution_api_integration/test_suites/lists_and_exception_lists/lists_items/trial_license_complete_tier/configs/serverless.config.ts - x-pack/test/security_solution_api_integration/test_suites/explore/hosts/trial_license_complete_tier/configs/serverless.config.ts diff --git a/.buildkite/ftr_security_stateful_configs.yml b/.buildkite/ftr_security_stateful_configs.yml index 77a8c57029096..a2390fa2bd27f 100644 --- a/.buildkite/ftr_security_stateful_configs.yml +++ b/.buildkite/ftr_security_stateful_configs.yml @@ -62,6 +62,7 @@ enabled: - x-pack/test/security_solution_api_integration/test_suites/detections_response/user_roles/trial_license_complete_tier/configs/ess.config.ts - x-pack/test/security_solution_api_integration/test_suites/entity_analytics/risk_engine/trial_license_complete_tier/configs/ess.config.ts - x-pack/test/security_solution_api_integration/test_suites/entity_analytics/risk_engine/basic_license_essentials_tier/configs/ess.config.ts + - x-pack/test/security_solution_api_integration/test_suites/entity_analytics/entity_store/trial_license_complete_tier/configs/ess.config.ts - x-pack/test/security_solution_api_integration/test_suites/lists_and_exception_lists/exception_lists_items/trial_license_complete_tier/configs/ess.config.ts - x-pack/test/security_solution_api_integration/test_suites/lists_and_exception_lists/lists_items/trial_license_complete_tier/configs/ess.config.ts - x-pack/test/security_solution_api_integration/test_suites/explore/hosts/trial_license_complete_tier/configs/ess.config.ts diff --git a/.buildkite/pipeline-resource-definitions/scripts/fix-location-collection.ts b/.buildkite/pipeline-resource-definitions/scripts/fix-location-collection.ts index b58f2728a8706..6f751e86057f7 100755 --- a/.buildkite/pipeline-resource-definitions/scripts/fix-location-collection.ts +++ b/.buildkite/pipeline-resource-definitions/scripts/fix-location-collection.ts @@ -38,7 +38,6 @@ async function main() { const preamble = locationFileLines.slice(0, 1); - // eslint-disable-next-line @kbn/eslint/no_unsafe_js_yaml const locationObj = jsYaml.load( locationFileLines.slice(1).join('\n') ) as BackstageLocationResource; @@ -46,7 +45,6 @@ async function main() { (fileName) => `${resourceDefinitionsBaseUrl}/${fileName}` ); - // eslint-disable-next-line @kbn/eslint/no_unsafe_js_yaml const locationYaml = jsYaml.dump(locationObj, { lineWidth: 400 }); fs.writeFileSync(locationFile, `${preamble.join('\n')}\n${locationYaml}`); diff --git a/.buildkite/pipeline-utils/agent_images.ts b/.buildkite/pipeline-utils/agent_images.ts index cfe93ba67a1f4..a87ea8dca6234 100644 --- a/.buildkite/pipeline-utils/agent_images.ts +++ b/.buildkite/pipeline-utils/agent_images.ts @@ -7,7 +7,6 @@ * License v3.0 only", or the "Server Side Public License, v 1". */ -// eslint-disable-next-line @kbn/eslint/no_unsafe_js_yaml import { dump } from 'js-yaml'; import { BuildkiteClient, BuildkiteCommandStep } from './buildkite'; diff --git a/.buildkite/pipeline-utils/buildkite/client.ts b/.buildkite/pipeline-utils/buildkite/client.ts index ac5fa4756bdaf..f96f18c7ee6cc 100644 --- a/.buildkite/pipeline-utils/buildkite/client.ts +++ b/.buildkite/pipeline-utils/buildkite/client.ts @@ -10,7 +10,6 @@ import axios, { AxiosInstance } from 'axios'; import { execSync, ExecSyncOptions } from 'child_process'; -// eslint-disable-next-line @kbn/eslint/no_unsafe_js_yaml import { dump } from 'js-yaml'; import { parseLinkHeader } from './parse_link_header'; diff --git a/.buildkite/pipeline-utils/ci-stats/pick_test_group_run_order.ts b/.buildkite/pipeline-utils/ci-stats/pick_test_group_run_order.ts index 7379ab526321a..0ccc991c1def9 100644 --- a/.buildkite/pipeline-utils/ci-stats/pick_test_group_run_order.ts +++ b/.buildkite/pipeline-utils/ci-stats/pick_test_group_run_order.ts @@ -12,7 +12,6 @@ import * as Fs from 'fs'; import * as globby from 'globby'; import minimatch from 'minimatch'; -// eslint-disable-next-line @kbn/eslint/no_unsafe_js_yaml import { load as loadYaml } from 'js-yaml'; import { BuildkiteClient, BuildkiteStep } from '../buildkite'; diff --git a/.buildkite/scripts/steps/esql_generate_function_metadata.sh b/.buildkite/scripts/steps/esql_generate_function_metadata.sh index 837a962b3c42b..15d0087594696 100755 --- a/.buildkite/scripts/steps/esql_generate_function_metadata.sh +++ b/.buildkite/scripts/steps/esql_generate_function_metadata.sh @@ -2,7 +2,7 @@ set -euo pipefail VALIDATION_PACKAGE_DIR="packages/kbn-esql-validation-autocomplete" -EDITOR_PACKAGE_DIR="packages/kbn-text-based-editor" +EDITOR_PACKAGE_DIR="packages/kbn-language-documentation" GIT_SCOPE="$VALIDATION_PACKAGE_DIR/**/* $EDITOR_PACKAGE_DIR/**/*" report_main_step () { diff --git a/.buildkite/scripts/steps/openapi_bundling/final_merge.sh b/.buildkite/scripts/steps/openapi_bundling/final_merge.sh index 41ca47aef24ee..bd9de3c966d8d 100755 --- a/.buildkite/scripts/steps/openapi_bundling/final_merge.sh +++ b/.buildkite/scripts/steps/openapi_bundling/final_merge.sh @@ -7,3 +7,6 @@ source .buildkite/scripts/common/util.sh echo --- Merge Kibana OpenAPI specs (cd oas_docs && make api-docs && make api-docs-lint) +(cd oas_docs && make api-docs-staging && make api-docs-lint) + +check_for_changed_files "make api-docs && make api-docs-staging" true diff --git a/.buildkite/scripts/steps/storybooks/build_and_upload.ts b/.buildkite/scripts/steps/storybooks/build_and_upload.ts index 148742c2ae046..13b346794f7b4 100644 --- a/.buildkite/scripts/steps/storybooks/build_and_upload.ts +++ b/.buildkite/scripts/steps/storybooks/build_and_upload.ts @@ -54,7 +54,7 @@ const STORYBOOKS = [ 'language_documentation_popover', 'unified_search', 'random_sampling', - 'text_based_editor', + 'esql_editor', ]; const GITHUB_CONTEXT = 'Build and Publish Storybooks'; diff --git a/.devcontainer/Dockerfile b/.devcontainer/Dockerfile index 142e5ce933777..5f925468ac716 100644 --- a/.devcontainer/Dockerfile +++ b/.devcontainer/Dockerfile @@ -4,7 +4,6 @@ ENV LANG=en_US.UTF-8 LANGUAGE=en_US:en LC_ALL=en_US.UTF-8 ENV HOME=/home/vscode ENV NVM_DIR=${HOME}/nvm ENV NVM_VERSION=v0.39.1 -ENV KBN_DIR=/workspaces/kibana ENV OPENSSL_PATH=${HOME}/openssl # Only specific versions are FIPS certified. ENV OPENSSL_VERSION='3.0.8' @@ -50,6 +49,7 @@ WORKDIR ${KBN_DIR} # Node and NVM setup COPY .node-version /tmp/ +# Mac will have permissions issues if Node and NVM are installed as root USER vscode RUN mkdir -p $NVM_DIR && \ diff --git a/.devcontainer/devcontainer.json b/.devcontainer/devcontainer.json index f5fea9e37c5d3..932c16ddb293d 100644 --- a/.devcontainer/devcontainer.json +++ b/.devcontainer/devcontainer.json @@ -23,8 +23,11 @@ 9230, 9231 ], - "postStartCommand": "/workspaces/kibana/.devcontainer/scripts/post_start.sh", + "postStartCommand": "${containerWorkspaceFolder}/.devcontainer/scripts/post_start.sh", "remoteUser": "vscode", + "containerEnv": { + "KBN_DIR": "${containerWorkspaceFolder}" + }, "features": { "ghcr.io/devcontainers/features/docker-in-docker:2": { "version": "latest", diff --git a/.github/CODEOWNERS b/.github/CODEOWNERS index 9284e5ba821f9..307cecba44651 100644 --- a/.github/CODEOWNERS +++ b/.github/CODEOWNERS @@ -354,6 +354,7 @@ x-pack/plugins/data_quality @elastic/obs-ux-logs-team test/plugin_functional/plugins/data_search @elastic/kibana-data-discovery packages/kbn-data-service @elastic/kibana-visualizations @elastic/kibana-data-discovery packages/kbn-data-stream-adapter @elastic/security-threat-hunting-explore +x-pack/plugins/data_usage @elastic/obs-ai-assistant @elastic/security-solution src/plugins/data_view_editor @elastic/kibana-data-discovery examples/data_view_field_editor_example @elastic/kibana-data-discovery src/plugins/data_view_field_editor @elastic/kibana-data-discovery @@ -428,6 +429,7 @@ src/plugins/esql @elastic/kibana-esql packages/kbn-esql-ast @elastic/kibana-esql examples/esql_ast_inspector @elastic/kibana-esql src/plugins/esql_datagrid @elastic/kibana-esql +packages/kbn-esql-editor @elastic/kibana-esql packages/kbn-esql-utils @elastic/kibana-esql packages/kbn-esql-validation-autocomplete @elastic/kibana-esql examples/esql_validation_example @elastic/kibana-esql @@ -552,7 +554,7 @@ src/plugins/kibana_usage_collection @elastic/kibana-core src/plugins/kibana_utils @elastic/appex-sharedux x-pack/plugins/kubernetes_security @elastic/kibana-cloud-security-posture x-pack/packages/kbn-langchain @elastic/security-generative-ai -packages/kbn-language-documentation-popover @elastic/kibana-esql +packages/kbn-language-documentation @elastic/kibana-esql x-pack/examples/lens_config_builder_example @elastic/kibana-visualizations packages/kbn-lens-embeddable-utils @elastic/obs-ux-infra_services-team @elastic/kibana-visualizations packages/kbn-lens-formula-docs @elastic/kibana-visualizations @@ -918,7 +920,6 @@ test x-pack/test x-pack/performance @elastic/appex-qa x-pack/examples/testing_embedded_lens @elastic/kibana-visualizations -packages/kbn-text-based-editor @elastic/kibana-esql x-pack/examples/third_party_lens_navigation_prompt @elastic/kibana-visualizations x-pack/examples/third_party_vis_lens_example @elastic/kibana-visualizations x-pack/plugins/threat_intelligence @elastic/security-threat-hunting-investigations @@ -1361,6 +1362,7 @@ x-pack/plugins/cloud_integrations/cloud_full_story/server/config.ts @elastic/kib # Kibana Platform Security /.github/codeql @elastic/kibana-security /.github/workflows/codeql.yml @elastic/kibana-security +/.github/workflows/codeql-stats.yml @elastic/kibana-security /src/dev/eslint/security_eslint_rule_tests.ts @elastic/kibana-security /src/core/server/integration_tests/config/check_dynamic_config.test.ts @elastic/kibana-security /src/plugins/telemetry/server/config/telemetry_labels.ts @elastic/kibana-security @@ -1416,6 +1418,15 @@ x-pack/plugins/cloud_integrations/cloud_full_story/server/config.ts @elastic/kib /x-pack/test_serverless/functional/test_suites/security/screenshot_creation/response_ops_docs @elastic/response-ops /x-pack/test_serverless/functional/test_suites/observability/screenshot_creation/response_ops_docs @elastic/response-ops /x-pack/test_serverless/api_integration/test_suites/common/alerting/ @elastic/response-ops +/x-pack/test/functional/es_archives/action_task_params @elastic/response-ops +/x-pack/test/functional/es_archives/actions @elastic/response-ops +/x-pack/test/functional/es_archives/alerting @elastic/response-ops +/x-pack/test/functional/es_archives/alerts @elastic/response-ops +/x-pack/test/functional/es_archives/alerts_legacy @elastic/response-ops +/x-pack/test/functional/es_archives/observability/alerts @elastic/response-ops +/x-pack/test/functional/es_archives/actions @elastic/response-ops +/x-pack/test/functional/es_archives/rules_scheduled_task_id @elastic/response-ops +/x-pack/test/functional/es_archives/alerting/8_2_0 @elastic/response-ops # Enterprise Search /x-pack/test/functional_enterprise_search/ @elastic/search-kibana diff --git a/.github/workflows/codeql-stats.yml b/.github/workflows/codeql-stats.yml new file mode 100644 index 0000000000000..fc01cdd969295 --- /dev/null +++ b/.github/workflows/codeql-stats.yml @@ -0,0 +1,28 @@ +name: CodeQL statistics + +on: + schedule: + - cron: '27 0 * * 1' # At 00:27 every Monday + +jobs: + stats: + name: CodeQL statistics + runs-on: ubuntu-latest + if: github.repository == 'elastic/kibana' # Hack: Do not run on forks + steps: + - name: Checkout kibana-operations + uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 + with: + repository: 'elastic/kibana-operations' + ref: main + path: ./kibana-operations + token: ${{secrets.KIBANAMACHINE_TOKEN}} + + - name: CodeQL alert statistics + working-directory: ./kibana-operations/triage + env: + GITHUB_TOKEN: ${{secrets.KIBANAMACHINE_TOKEN}} + SLACK_TOKEN: ${{secrets.CODE_SCANNING_SLACK_TOKEN}} + run: | + npm ci --omit=dev + node codeql-alert-stats diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml index 87a022376ac93..82080dd9235f9 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yml @@ -76,12 +76,3 @@ jobs: run: | npm ci --omit=dev node codeql-alert - - - name: CodeQL alert statistics - working-directory: ./kibana-operations/triage - env: - GITHUB_TOKEN: ${{secrets.KIBANAMACHINE_TOKEN}} - SLACK_TOKEN: ${{secrets.CODE_SCANNING_SLACK_TOKEN}} - run: | - npm ci --omit=dev - node codeql-alert-stats diff --git a/.i18nrc.json b/.i18nrc.json index b65c71b1a0d44..e9500448b9a09 100644 --- a/.i18nrc.json +++ b/.i18nrc.json @@ -98,7 +98,7 @@ "presentationUtil": "src/plugins/presentation_util", "randomSampling": "x-pack/packages/kbn-random-sampling", "reactPackages": "packages/react", - "textBasedEditor": "packages/kbn-text-based-editor", + "esqlEditor": "packages/kbn-esql-editor", "esqlUtils": "packages/kbn-esql-utils", "reporting": "packages/kbn-reporting", "savedObjects": "src/plugins/saved_objects", @@ -118,7 +118,7 @@ "serverlessPackages": "packages/serverless", "sse": [ "packages/kbn-sse-utils" ], "coloring": "packages/kbn-coloring/src", - "languageDocumentationPopover": "packages/kbn-language-documentation-popover/src", + "languageDocumentation": "packages/kbn-language-documentation/src", "esql": "src/plugins/esql", "esqlDataGrid": "src/plugins/esql_datagrid", "statusPage": "src/legacy/core_plugins/status_page", diff --git a/api_docs/actions.mdx b/api_docs/actions.mdx index 9ed71acfceac0..35ad4814bdb77 100644 --- a/api_docs/actions.mdx +++ b/api_docs/actions.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/actions title: "actions" image: https://source.unsplash.com/400x175/?github description: API docs for the actions plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'actions'] --- import actionsObj from './actions.devdocs.json'; diff --git a/api_docs/advanced_settings.mdx b/api_docs/advanced_settings.mdx index ed64fcdda776d..ec3deb5a4bc1d 100644 --- a/api_docs/advanced_settings.mdx +++ b/api_docs/advanced_settings.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/advancedSettings title: "advancedSettings" image: https://source.unsplash.com/400x175/?github description: API docs for the advancedSettings plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'advancedSettings'] --- import advancedSettingsObj from './advanced_settings.devdocs.json'; diff --git a/api_docs/ai_assistant_management_selection.mdx b/api_docs/ai_assistant_management_selection.mdx index d29944d472db0..832dc0148fc16 100644 --- a/api_docs/ai_assistant_management_selection.mdx +++ b/api_docs/ai_assistant_management_selection.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/aiAssistantManagementSelection title: "aiAssistantManagementSelection" image: https://source.unsplash.com/400x175/?github description: API docs for the aiAssistantManagementSelection plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'aiAssistantManagementSelection'] --- import aiAssistantManagementSelectionObj from './ai_assistant_management_selection.devdocs.json'; diff --git a/api_docs/aiops.mdx b/api_docs/aiops.mdx index ed11425824b38..8a1af6c7ed4d9 100644 --- a/api_docs/aiops.mdx +++ b/api_docs/aiops.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/aiops title: "aiops" image: https://source.unsplash.com/400x175/?github description: API docs for the aiops plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'aiops'] --- import aiopsObj from './aiops.devdocs.json'; diff --git a/api_docs/alerting.mdx b/api_docs/alerting.mdx index 53b27f764e367..f84ea0fce4f9a 100644 --- a/api_docs/alerting.mdx +++ b/api_docs/alerting.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/alerting title: "alerting" image: https://source.unsplash.com/400x175/?github description: API docs for the alerting plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'alerting'] --- import alertingObj from './alerting.devdocs.json'; diff --git a/api_docs/apm.mdx b/api_docs/apm.mdx index 77c919d900ac3..805621f44124c 100644 --- a/api_docs/apm.mdx +++ b/api_docs/apm.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/apm title: "apm" image: https://source.unsplash.com/400x175/?github description: API docs for the apm plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'apm'] --- import apmObj from './apm.devdocs.json'; diff --git a/api_docs/apm_data_access.mdx b/api_docs/apm_data_access.mdx index fbe0dfc66d6ec..1c86ea4253378 100644 --- a/api_docs/apm_data_access.mdx +++ b/api_docs/apm_data_access.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/apmDataAccess title: "apmDataAccess" image: https://source.unsplash.com/400x175/?github description: API docs for the apmDataAccess plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'apmDataAccess'] --- import apmDataAccessObj from './apm_data_access.devdocs.json'; diff --git a/api_docs/banners.mdx b/api_docs/banners.mdx index d08848dd3ab7b..444d5bdae536c 100644 --- a/api_docs/banners.mdx +++ b/api_docs/banners.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/banners title: "banners" image: https://source.unsplash.com/400x175/?github description: API docs for the banners plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'banners'] --- import bannersObj from './banners.devdocs.json'; diff --git a/api_docs/bfetch.mdx b/api_docs/bfetch.mdx index 36448f1aff363..368cbbd4b250b 100644 --- a/api_docs/bfetch.mdx +++ b/api_docs/bfetch.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/bfetch title: "bfetch" image: https://source.unsplash.com/400x175/?github description: API docs for the bfetch plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'bfetch'] --- import bfetchObj from './bfetch.devdocs.json'; diff --git a/api_docs/canvas.mdx b/api_docs/canvas.mdx index 14036c941eabb..3eb2bea386ac9 100644 --- a/api_docs/canvas.mdx +++ b/api_docs/canvas.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/canvas title: "canvas" image: https://source.unsplash.com/400x175/?github description: API docs for the canvas plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'canvas'] --- import canvasObj from './canvas.devdocs.json'; diff --git a/api_docs/cases.mdx b/api_docs/cases.mdx index c488eb17c0a3f..263fa4e8c6da2 100644 --- a/api_docs/cases.mdx +++ b/api_docs/cases.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/cases title: "cases" image: https://source.unsplash.com/400x175/?github description: API docs for the cases plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'cases'] --- import casesObj from './cases.devdocs.json'; diff --git a/api_docs/charts.mdx b/api_docs/charts.mdx index 3e369f1ce4704..438ab5bdbf27b 100644 --- a/api_docs/charts.mdx +++ b/api_docs/charts.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/charts title: "charts" image: https://source.unsplash.com/400x175/?github description: API docs for the charts plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'charts'] --- import chartsObj from './charts.devdocs.json'; diff --git a/api_docs/cloud.devdocs.json b/api_docs/cloud.devdocs.json index a421bcc26d64a..9c44d677eb6ee 100644 --- a/api_docs/cloud.devdocs.json +++ b/api_docs/cloud.devdocs.json @@ -473,19 +473,23 @@ }, { "parentPluginId": "cloud", - "id": "def-public.CloudStart.elasticsearchUrl", - "type": "string", + "id": "def-public.CloudStart.fetchElasticsearchConfig", + "type": "Function", "tags": [], - "label": "elasticsearchUrl", + "label": "fetchElasticsearchConfig", "description": [ - "\nThe full URL to the elasticsearch cluster." + "\nFetches the full URL to the elasticsearch cluster." ], "signature": [ - "string | undefined" + "() => Promise<", + "PublicElasticsearchConfigType", + ">" ], "path": "x-pack/plugins/cloud/public/types.ts", "deprecated": false, - "trackAdoption": false + "trackAdoption": false, + "children": [], + "returnComment": [] }, { "parentPluginId": "cloud", @@ -730,19 +734,23 @@ }, { "parentPluginId": "cloud", - "id": "def-public.CloudSetup.elasticsearchUrl", - "type": "string", + "id": "def-public.CloudSetup.fetchElasticsearchConfig", + "type": "Function", "tags": [], - "label": "elasticsearchUrl", + "label": "fetchElasticsearchConfig", "description": [ - "\nThe full URL to the elasticsearch cluster." + "\nFetches the full URL to the elasticsearch cluster." ], "signature": [ - "string | undefined" + "() => Promise<", + "PublicElasticsearchConfigType", + ">" ], "path": "x-pack/plugins/cloud/public/types.ts", "deprecated": false, - "trackAdoption": false + "trackAdoption": false, + "children": [], + "returnComment": [] }, { "parentPluginId": "cloud", diff --git a/api_docs/cloud.mdx b/api_docs/cloud.mdx index c2037e08efc7c..356d069211f3a 100644 --- a/api_docs/cloud.mdx +++ b/api_docs/cloud.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/cloud title: "cloud" image: https://source.unsplash.com/400x175/?github description: API docs for the cloud plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'cloud'] --- import cloudObj from './cloud.devdocs.json'; @@ -21,7 +21,7 @@ Contact [@elastic/kibana-core](https://github.com/orgs/elastic/teams/kibana-core | Public API count | Any count | Items lacking comments | Missing exports | |-------------------|-----------|------------------------|-----------------| -| 84 | 0 | 21 | 0 | +| 84 | 0 | 21 | 1 | ## Client diff --git a/api_docs/cloud_data_migration.mdx b/api_docs/cloud_data_migration.mdx index 206b59401defc..7bf7712e6416e 100644 --- a/api_docs/cloud_data_migration.mdx +++ b/api_docs/cloud_data_migration.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/cloudDataMigration title: "cloudDataMigration" image: https://source.unsplash.com/400x175/?github description: API docs for the cloudDataMigration plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'cloudDataMigration'] --- import cloudDataMigrationObj from './cloud_data_migration.devdocs.json'; diff --git a/api_docs/cloud_defend.mdx b/api_docs/cloud_defend.mdx index 5b0de299015b4..efe9ab2122970 100644 --- a/api_docs/cloud_defend.mdx +++ b/api_docs/cloud_defend.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/cloudDefend title: "cloudDefend" image: https://source.unsplash.com/400x175/?github description: API docs for the cloudDefend plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'cloudDefend'] --- import cloudDefendObj from './cloud_defend.devdocs.json'; diff --git a/api_docs/cloud_security_posture.mdx b/api_docs/cloud_security_posture.mdx index c15e48e575fe6..b04ffbebe34d6 100644 --- a/api_docs/cloud_security_posture.mdx +++ b/api_docs/cloud_security_posture.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/cloudSecurityPosture title: "cloudSecurityPosture" image: https://source.unsplash.com/400x175/?github description: API docs for the cloudSecurityPosture plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'cloudSecurityPosture'] --- import cloudSecurityPostureObj from './cloud_security_posture.devdocs.json'; diff --git a/api_docs/console.mdx b/api_docs/console.mdx index 35d1c012733e3..b1ba453d27262 100644 --- a/api_docs/console.mdx +++ b/api_docs/console.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/console title: "console" image: https://source.unsplash.com/400x175/?github description: API docs for the console plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'console'] --- import consoleObj from './console.devdocs.json'; diff --git a/api_docs/content_management.mdx b/api_docs/content_management.mdx index ca7a6fb27ba72..b346e7e7869ba 100644 --- a/api_docs/content_management.mdx +++ b/api_docs/content_management.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/contentManagement title: "contentManagement" image: https://source.unsplash.com/400x175/?github description: API docs for the contentManagement plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'contentManagement'] --- import contentManagementObj from './content_management.devdocs.json'; diff --git a/api_docs/controls.devdocs.json b/api_docs/controls.devdocs.json index 5dd8039372686..a683c8bf221a3 100644 --- a/api_docs/controls.devdocs.json +++ b/api_docs/controls.devdocs.json @@ -21,7 +21,7 @@ }, ") => JSX.Element" ], - "path": "src/plugins/controls/public/react_controls/external_api/control_group_renderer_lazy.tsx", + "path": "src/plugins/controls/public/control_group/control_group_renderer/control_group_renderer_lazy.tsx", "deprecated": false, "trackAdoption": false, "children": [ @@ -41,7 +41,7 @@ "text": "ControlGroupRendererProps" } ], - "path": "src/plugins/controls/public/react_controls/external_api/control_group_renderer_lazy.tsx", + "path": "src/plugins/controls/public/control_group/control_group_renderer/control_group_renderer_lazy.tsx", "deprecated": false, "trackAdoption": false, "isRequired": true @@ -59,7 +59,7 @@ "tags": [], "label": "ControlGroupCreationOptions", "description": [], - "path": "src/plugins/controls/public/react_controls/external_api/types.ts", + "path": "src/plugins/controls/public/control_group/control_group_renderer/types.ts", "deprecated": false, "trackAdoption": false, "children": [ @@ -89,7 +89,7 @@ }, ">> | undefined" ], - "path": "src/plugins/controls/public/react_controls/external_api/types.ts", + "path": "src/plugins/controls/public/control_group/control_group_renderer/types.ts", "deprecated": false, "trackAdoption": false }, @@ -110,7 +110,7 @@ }, " | undefined" ], - "path": "src/plugins/controls/public/react_controls/external_api/types.ts", + "path": "src/plugins/controls/public/control_group/control_group_renderer/types.ts", "deprecated": false, "trackAdoption": false } @@ -124,7 +124,7 @@ "tags": [], "label": "ControlGroupRendererProps", "description": [], - "path": "src/plugins/controls/public/react_controls/external_api/control_group_renderer.tsx", + "path": "src/plugins/controls/public/control_group/control_group_renderer/control_group_renderer.tsx", "deprecated": false, "trackAdoption": false, "children": [ @@ -146,7 +146,7 @@ }, ") => void" ], - "path": "src/plugins/controls/public/react_controls/external_api/control_group_renderer.tsx", + "path": "src/plugins/controls/public/control_group/control_group_renderer/control_group_renderer.tsx", "deprecated": false, "trackAdoption": false, "children": [ @@ -166,7 +166,7 @@ "text": "ControlGroupRendererApi" } ], - "path": "src/plugins/controls/public/react_controls/external_api/control_group_renderer.tsx", + "path": "src/plugins/controls/public/control_group/control_group_renderer/control_group_renderer.tsx", "deprecated": false, "trackAdoption": false, "isRequired": true @@ -284,7 +284,7 @@ }, ">>) | undefined" ], - "path": "src/plugins/controls/public/react_controls/external_api/control_group_renderer.tsx", + "path": "src/plugins/controls/public/control_group/control_group_renderer/control_group_renderer.tsx", "deprecated": false, "trackAdoption": false, "children": [ @@ -314,7 +314,7 @@ }, ">>" ], - "path": "src/plugins/controls/public/react_controls/external_api/control_group_renderer.tsx", + "path": "src/plugins/controls/public/control_group/control_group_renderer/control_group_renderer.tsx", "deprecated": false, "trackAdoption": false, "isRequired": true @@ -405,7 +405,7 @@ }, ">>, controlId?: string | undefined) => void; }" ], - "path": "src/plugins/controls/public/react_controls/external_api/control_group_renderer.tsx", + "path": "src/plugins/controls/public/control_group/control_group_renderer/control_group_renderer.tsx", "deprecated": false, "trackAdoption": false, "isRequired": true @@ -430,7 +430,7 @@ }, " | undefined" ], - "path": "src/plugins/controls/public/react_controls/external_api/control_group_renderer.tsx", + "path": "src/plugins/controls/public/control_group/control_group_renderer/control_group_renderer.tsx", "deprecated": false, "trackAdoption": false }, @@ -451,7 +451,7 @@ }, "[] | undefined" ], - "path": "src/plugins/controls/public/react_controls/external_api/control_group_renderer.tsx", + "path": "src/plugins/controls/public/control_group/control_group_renderer/control_group_renderer.tsx", "deprecated": false, "trackAdoption": false }, @@ -472,7 +472,7 @@ }, " | undefined" ], - "path": "src/plugins/controls/public/react_controls/external_api/control_group_renderer.tsx", + "path": "src/plugins/controls/public/control_group/control_group_renderer/control_group_renderer.tsx", "deprecated": false, "trackAdoption": false }, @@ -493,7 +493,7 @@ }, " | undefined" ], - "path": "src/plugins/controls/public/react_controls/external_api/control_group_renderer.tsx", + "path": "src/plugins/controls/public/control_group/control_group_renderer/control_group_renderer.tsx", "deprecated": false, "trackAdoption": false }, @@ -507,7 +507,7 @@ "signature": [ "boolean | undefined" ], - "path": "src/plugins/controls/public/react_controls/external_api/control_group_renderer.tsx", + "path": "src/plugins/controls/public/control_group/control_group_renderer/control_group_renderer.tsx", "deprecated": false, "trackAdoption": false } @@ -797,7 +797,7 @@ "ControlFactory", "" ], - "path": "src/plugins/controls/public/react_controls/controls/data_controls/types.ts", + "path": "src/plugins/controls/public/controls/data_controls/types.ts", "deprecated": false, "trackAdoption": false, "children": [ @@ -819,7 +819,7 @@ }, ") => boolean" ], - "path": "src/plugins/controls/public/react_controls/controls/data_controls/types.ts", + "path": "src/plugins/controls/public/controls/data_controls/types.ts", "deprecated": false, "trackAdoption": false, "children": [ @@ -839,7 +839,7 @@ "text": "DataViewField" } ], - "path": "src/plugins/controls/public/react_controls/controls/data_controls/types.ts", + "path": "src/plugins/controls/public/controls/data_controls/types.ts", "deprecated": false, "trackAdoption": false, "isRequired": true @@ -859,81 +859,7 @@ "CustomOptionsComponentProps", "> | undefined" ], - "path": "src/plugins/controls/public/react_controls/controls/data_controls/types.ts", - "deprecated": false, - "trackAdoption": false - } - ], - "initialIsOpen": false - }, - { - "parentPluginId": "controls", - "id": "def-public.DataControlServices", - "type": "Interface", - "tags": [], - "label": "DataControlServices", - "description": [], - "path": "src/plugins/controls/public/react_controls/controls/data_controls/types.ts", - "deprecated": false, - "trackAdoption": false, - "children": [ - { - "parentPluginId": "controls", - "id": "def-public.DataControlServices.core", - "type": "Object", - "tags": [], - "label": "core", - "description": [], - "signature": [ - { - "pluginId": "@kbn/core-lifecycle-browser", - "scope": "public", - "docId": "kibKbnCoreLifecycleBrowserPluginApi", - "section": "def-public.CoreStart", - "text": "CoreStart" - } - ], - "path": "src/plugins/controls/public/react_controls/controls/data_controls/types.ts", - "deprecated": false, - "trackAdoption": false - }, - { - "parentPluginId": "controls", - "id": "def-public.DataControlServices.data", - "type": "Object", - "tags": [], - "label": "data", - "description": [], - "signature": [ - { - "pluginId": "data", - "scope": "public", - "docId": "kibDataPluginApi", - "section": "def-public.DataPublicPluginStart", - "text": "DataPublicPluginStart" - } - ], - "path": "src/plugins/controls/public/react_controls/controls/data_controls/types.ts", - "deprecated": false, - "trackAdoption": false - }, - { - "parentPluginId": "controls", - "id": "def-public.DataControlServices.dataViews", - "type": "Object", - "tags": [], - "label": "dataViews", - "description": [], - "signature": [ - { - "pluginId": "dataViews", - "scope": "public", - "docId": "kibDataViewsPluginApi", - "section": "def-public.DataViewsServicePublic", - "text": "DataViewsServicePublic" - } - ], - "path": "src/plugins/controls/public/react_controls/controls/data_controls/types.ts", + "path": "src/plugins/controls/public/controls/data_controls/types.ts", "deprecated": false, "trackAdoption": false } @@ -1295,14 +1221,6 @@ "section": "def-public.HasEditCapabilities", "text": "HasEditCapabilities" }, - " & ", - { - "pluginId": "@kbn/presentation-publishing", - "scope": "public", - "docId": "kibKbnPresentationPublishingPluginApi", - "section": "def-public.PublishesDataLoading", - "text": "PublishesDataLoading" - }, " & Pick<", { "pluginId": "@kbn/presentation-publishing", @@ -1414,8 +1332,8 @@ "pluginId": "controls", "scope": "common", "docId": "kibControlsPluginApi", - "section": "def-common.ControlStyle", - "text": "ControlStyle" + "section": "def-common.ControlLabelPosition", + "text": "ControlLabelPosition" }, ">; asyncResetUnsavedChanges: () => Promise; controlFetch$: (controlUuid: string) => ", "Observable", @@ -1455,7 +1373,7 @@ }, ") => void; }" ], - "path": "src/plugins/controls/public/react_controls/control_group/types.ts", + "path": "src/plugins/controls/public/control_group/types.ts", "deprecated": false, "trackAdoption": false, "initialIsOpen": false @@ -1555,14 +1473,6 @@ "section": "def-public.HasEditCapabilities", "text": "HasEditCapabilities" }, - " & ", - { - "pluginId": "@kbn/presentation-publishing", - "scope": "public", - "docId": "kibKbnPresentationPublishingPluginApi", - "section": "def-public.PublishesDataLoading", - "text": "PublishesDataLoading" - }, " & Pick<", { "pluginId": "@kbn/presentation-publishing", @@ -1674,8 +1584,8 @@ "pluginId": "controls", "scope": "common", "docId": "kibControlsPluginApi", - "section": "def-common.ControlStyle", - "text": "ControlStyle" + "section": "def-common.ControlLabelPosition", + "text": "ControlLabelPosition" }, ">; asyncResetUnsavedChanges: () => Promise; controlFetch$: (controlUuid: string) => ", "Observable", @@ -1749,7 +1659,7 @@ }, ">>; }" ], - "path": "src/plugins/controls/public/react_controls/external_api/types.ts", + "path": "src/plugins/controls/public/control_group/control_group_renderer/types.ts", "deprecated": false, "trackAdoption": false, "initialIsOpen": false @@ -1840,7 +1750,7 @@ }, ">>, controlId?: string | undefined) => void; }" ], - "path": "src/plugins/controls/public/react_controls/control_group/utils/control_group_state_builder.ts", + "path": "src/plugins/controls/public/control_group/utils/control_group_state_builder.ts", "deprecated": false, "trackAdoption": false, "initialIsOpen": false @@ -1870,7 +1780,7 @@ "signature": [ "(newState: Partial, controlType: string) => Partial" ], - "path": "src/plugins/controls/public/react_controls/control_group/types.ts", + "path": "src/plugins/controls/public/control_group/types.ts", "deprecated": false, "trackAdoption": false, "returnComment": [], @@ -1885,7 +1795,7 @@ "signature": [ "{ [P in keyof State]?: State[P] | undefined; }" ], - "path": "src/plugins/controls/public/react_controls/control_group/types.ts", + "path": "src/plugins/controls/public/control_group/types.ts", "deprecated": false, "trackAdoption": false }, @@ -1896,7 +1806,7 @@ "tags": [], "label": "controlType", "description": [], - "path": "src/plugins/controls/public/react_controls/control_group/types.ts", + "path": "src/plugins/controls/public/control_group/types.ts", "deprecated": false, "trackAdoption": false } @@ -1986,23 +1896,7 @@ "section": "def-public.ControlGroupApi", "text": "ControlGroupApi" }, - "> & { serializeState: () => ", - { - "pluginId": "@kbn/presentation-containers", - "scope": "public", - "docId": "kibKbnPresentationContainersPluginApi", - "section": "def-public.SerializedPanelState", - "text": "SerializedPanelState" - }, - "<", - { - "pluginId": "controls", - "scope": "common", - "docId": "kibControlsPluginApi", - "section": "def-common.DefaultControlState", - "text": "DefaultControlState" - }, - ">; setDataLoading: (loading: boolean) => void; setBlockingError: (error: Error | undefined) => void; grow: ", + "> & { setDataLoading: (loading: boolean) => void; setBlockingError: (error: Error | undefined) => void; grow: ", { "pluginId": "@kbn/presentation-publishing", "scope": "public", @@ -2026,7 +1920,23 @@ "section": "def-common.ControlWidth", "text": "ControlWidth" }, - " | undefined>; } & Omit<", + " | undefined>; serializeState: () => ", + { + "pluginId": "@kbn/presentation-containers", + "scope": "public", + "docId": "kibKbnPresentationContainersPluginApi", + "section": "def-public.SerializedPanelState", + "text": "SerializedPanelState" + }, + "<", + { + "pluginId": "controls", + "scope": "common", + "docId": "kibControlsPluginApi", + "section": "def-common.DefaultControlState", + "text": "DefaultControlState" + }, + ">; } & Omit<", { "pluginId": "@kbn/presentation-publishing", "scope": "public", @@ -2062,7 +1972,7 @@ }, " & { untilFiltersReady: () => Promise; }" ], - "path": "src/plugins/controls/public/react_controls/controls/data_controls/types.ts", + "path": "src/plugins/controls/public/controls/data_controls/types.ts", "deprecated": false, "trackAdoption": false, "initialIsOpen": false @@ -2121,7 +2031,7 @@ "tags": [], "label": "controlGroupStateBuilder", "description": [], - "path": "src/plugins/controls/public/react_controls/control_group/utils/control_group_state_builder.ts", + "path": "src/plugins/controls/public/control_group/utils/control_group_state_builder.ts", "deprecated": false, "trackAdoption": false, "children": [ @@ -2159,7 +2069,7 @@ }, ", controlId?: string | undefined) => Promise" ], - "path": "src/plugins/controls/public/react_controls/control_group/utils/control_group_state_builder.ts", + "path": "src/plugins/controls/public/control_group/utils/control_group_state_builder.ts", "deprecated": false, "trackAdoption": false, "children": [ @@ -2189,7 +2099,7 @@ }, ">>" ], - "path": "src/plugins/controls/public/react_controls/control_group/utils/control_group_state_builder.ts", + "path": "src/plugins/controls/public/control_group/utils/control_group_state_builder.ts", "deprecated": false, "trackAdoption": false, "isRequired": true @@ -2210,7 +2120,7 @@ "text": "DefaultDataControlState" } ], - "path": "src/plugins/controls/public/react_controls/control_group/utils/control_group_state_builder.ts", + "path": "src/plugins/controls/public/control_group/utils/control_group_state_builder.ts", "deprecated": false, "trackAdoption": false, "isRequired": true @@ -2225,7 +2135,7 @@ "signature": [ "string | undefined" ], - "path": "src/plugins/controls/public/react_controls/control_group/utils/control_group_state_builder.ts", + "path": "src/plugins/controls/public/control_group/utils/control_group_state_builder.ts", "deprecated": false, "trackAdoption": false, "isRequired": false @@ -2261,7 +2171,7 @@ "OptionsListControlState", ", controlId?: string | undefined) => void" ], - "path": "src/plugins/controls/public/react_controls/control_group/utils/control_group_state_builder.ts", + "path": "src/plugins/controls/public/control_group/utils/control_group_state_builder.ts", "deprecated": false, "trackAdoption": false, "children": [ @@ -2291,7 +2201,7 @@ }, ">>" ], - "path": "src/plugins/controls/public/react_controls/control_group/utils/control_group_state_builder.ts", + "path": "src/plugins/controls/public/control_group/utils/control_group_state_builder.ts", "deprecated": false, "trackAdoption": false, "isRequired": true @@ -2306,7 +2216,7 @@ "signature": [ "OptionsListControlState" ], - "path": "src/plugins/controls/public/react_controls/control_group/utils/control_group_state_builder.ts", + "path": "src/plugins/controls/public/control_group/utils/control_group_state_builder.ts", "deprecated": false, "trackAdoption": false, "isRequired": true @@ -2321,7 +2231,7 @@ "signature": [ "string | undefined" ], - "path": "src/plugins/controls/public/react_controls/control_group/utils/control_group_state_builder.ts", + "path": "src/plugins/controls/public/control_group/utils/control_group_state_builder.ts", "deprecated": false, "trackAdoption": false, "isRequired": false @@ -2357,7 +2267,7 @@ "RangesliderControlState", ", controlId?: string | undefined) => void" ], - "path": "src/plugins/controls/public/react_controls/control_group/utils/control_group_state_builder.ts", + "path": "src/plugins/controls/public/control_group/utils/control_group_state_builder.ts", "deprecated": false, "trackAdoption": false, "children": [ @@ -2387,7 +2297,7 @@ }, ">>" ], - "path": "src/plugins/controls/public/react_controls/control_group/utils/control_group_state_builder.ts", + "path": "src/plugins/controls/public/control_group/utils/control_group_state_builder.ts", "deprecated": false, "trackAdoption": false, "isRequired": true @@ -2402,7 +2312,7 @@ "signature": [ "RangesliderControlState" ], - "path": "src/plugins/controls/public/react_controls/control_group/utils/control_group_state_builder.ts", + "path": "src/plugins/controls/public/control_group/utils/control_group_state_builder.ts", "deprecated": false, "trackAdoption": false, "isRequired": true @@ -2417,7 +2327,7 @@ "signature": [ "string | undefined" ], - "path": "src/plugins/controls/public/react_controls/control_group/utils/control_group_state_builder.ts", + "path": "src/plugins/controls/public/control_group/utils/control_group_state_builder.ts", "deprecated": false, "trackAdoption": false, "isRequired": false @@ -2451,7 +2361,7 @@ }, ">>, controlId?: string | undefined) => void" ], - "path": "src/plugins/controls/public/react_controls/control_group/utils/control_group_state_builder.ts", + "path": "src/plugins/controls/public/control_group/utils/control_group_state_builder.ts", "deprecated": false, "trackAdoption": false, "children": [ @@ -2481,7 +2391,7 @@ }, ">>" ], - "path": "src/plugins/controls/public/react_controls/control_group/utils/control_group_state_builder.ts", + "path": "src/plugins/controls/public/control_group/utils/control_group_state_builder.ts", "deprecated": false, "trackAdoption": false, "isRequired": true @@ -2496,7 +2406,7 @@ "signature": [ "string | undefined" ], - "path": "src/plugins/controls/public/react_controls/control_group/utils/control_group_state_builder.ts", + "path": "src/plugins/controls/public/control_group/utils/control_group_state_builder.ts", "deprecated": false, "trackAdoption": false, "isRequired": false @@ -3360,30 +3270,30 @@ }, { "parentPluginId": "controls", - "id": "def-common.ControlPanelState", + "id": "def-common.ControlLabelPosition", "type": "Type", "tags": [], - "label": "ControlPanelState", + "label": "ControlLabelPosition", "description": [], "signature": [ - "State & { type: string; order: number; }" + "\"twoLine\" | \"oneLine\"" ], - "path": "src/plugins/controls/common/control_group/types.ts", + "path": "src/plugins/controls/common/types.ts", "deprecated": false, "trackAdoption": false, "initialIsOpen": false }, { "parentPluginId": "controls", - "id": "def-common.ControlStyle", + "id": "def-common.ControlPanelState", "type": "Type", "tags": [], - "label": "ControlStyle", + "label": "ControlPanelState", "description": [], "signature": [ - "\"twoLine\" | \"oneLine\"" + "State & { type: string; order: number; }" ], - "path": "src/plugins/controls/common/types.ts", + "path": "src/plugins/controls/common/control_group/types.ts", "deprecated": false, "trackAdoption": false, "initialIsOpen": false @@ -3417,10 +3327,10 @@ }, { "parentPluginId": "controls", - "id": "def-common.DEFAULT_CONTROL_STYLE", + "id": "def-common.DEFAULT_CONTROL_LABEL_POSITION", "type": "CompoundType", "tags": [], - "label": "DEFAULT_CONTROL_STYLE", + "label": "DEFAULT_CONTROL_LABEL_POSITION", "description": [], "signature": [ "\"twoLine\" | \"oneLine\"" diff --git a/api_docs/controls.mdx b/api_docs/controls.mdx index 30c7f2faa1d34..828ebf90b5f85 100644 --- a/api_docs/controls.mdx +++ b/api_docs/controls.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/controls title: "controls" image: https://source.unsplash.com/400x175/?github description: API docs for the controls plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'controls'] --- import controlsObj from './controls.devdocs.json'; @@ -21,7 +21,7 @@ Contact [@elastic/kibana-presentation](https://github.com/orgs/elastic/teams/kib | Public API count | Any count | Items lacking comments | Missing exports | |-------------------|-----------|------------------------|-----------------| -| 138 | 0 | 134 | 14 | +| 134 | 0 | 130 | 14 | ## Client diff --git a/api_docs/custom_integrations.mdx b/api_docs/custom_integrations.mdx index c6ecf88f3dc93..8953357ee4a5d 100644 --- a/api_docs/custom_integrations.mdx +++ b/api_docs/custom_integrations.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/customIntegrations title: "customIntegrations" image: https://source.unsplash.com/400x175/?github description: API docs for the customIntegrations plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'customIntegrations'] --- import customIntegrationsObj from './custom_integrations.devdocs.json'; diff --git a/api_docs/dashboard.devdocs.json b/api_docs/dashboard.devdocs.json index ccd7ec7b1da4c..8cb2ab4a82d47 100644 --- a/api_docs/dashboard.devdocs.json +++ b/api_docs/dashboard.devdocs.json @@ -939,7 +939,23 @@ "section": "def-public.PublishingSubject", "text": "PublishingSubject" }, - "; forceRefresh: () => void; getPanelsState: () => ", + "; forceRefresh: () => void; getDashboardPanelFromId: (id: string) => Promise<", + { + "pluginId": "dashboard", + "scope": "common", + "docId": "kibDashboardPluginApi", + "section": "def-common.DashboardPanelState", + "text": "DashboardPanelState" + }, + "<", + { + "pluginId": "embeddable", + "scope": "common", + "docId": "kibEmbeddablePluginApi", + "section": "def-common.SavedObjectEmbeddableInput", + "text": "SavedObjectEmbeddableInput" + }, + ">>; getPanelsState: () => ", { "pluginId": "dashboard", "scope": "common", diff --git a/api_docs/dashboard.mdx b/api_docs/dashboard.mdx index 9bce02e76e9f8..787ea074ae56f 100644 --- a/api_docs/dashboard.mdx +++ b/api_docs/dashboard.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/dashboard title: "dashboard" image: https://source.unsplash.com/400x175/?github description: API docs for the dashboard plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'dashboard'] --- import dashboardObj from './dashboard.devdocs.json'; diff --git a/api_docs/dashboard_enhanced.mdx b/api_docs/dashboard_enhanced.mdx index 0b99232ddb3a6..b7193bdad55a2 100644 --- a/api_docs/dashboard_enhanced.mdx +++ b/api_docs/dashboard_enhanced.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/dashboardEnhanced title: "dashboardEnhanced" image: https://source.unsplash.com/400x175/?github description: API docs for the dashboardEnhanced plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'dashboardEnhanced'] --- import dashboardEnhancedObj from './dashboard_enhanced.devdocs.json'; diff --git a/api_docs/data.devdocs.json b/api_docs/data.devdocs.json index a5d021e9a0505..fc81984f7b688 100644 --- a/api_docs/data.devdocs.json +++ b/api_docs/data.devdocs.json @@ -11731,14 +11731,6 @@ { "plugin": "securitySolution", "path": "x-pack/plugins/security_solution/public/common/mock/endpoint/dependencies_start_mock.ts" - }, - { - "plugin": "savedObjects", - "path": "src/plugins/saved_objects/public/saved_object/saved_object.test.ts" - }, - { - "plugin": "savedObjects", - "path": "src/plugins/saved_objects/public/saved_object/saved_object.test.ts" } ] }, diff --git a/api_docs/data.mdx b/api_docs/data.mdx index 0d10393c7ac44..aff51e317e940 100644 --- a/api_docs/data.mdx +++ b/api_docs/data.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/data title: "data" image: https://source.unsplash.com/400x175/?github description: API docs for the data plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'data'] --- import dataObj from './data.devdocs.json'; diff --git a/api_docs/data_quality.mdx b/api_docs/data_quality.mdx index bb1116e215251..c9232391a7a37 100644 --- a/api_docs/data_quality.mdx +++ b/api_docs/data_quality.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/dataQuality title: "dataQuality" image: https://source.unsplash.com/400x175/?github description: API docs for the dataQuality plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'dataQuality'] --- import dataQualityObj from './data_quality.devdocs.json'; diff --git a/api_docs/data_query.mdx b/api_docs/data_query.mdx index 8b715935d85d9..18c76189bbdc1 100644 --- a/api_docs/data_query.mdx +++ b/api_docs/data_query.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/data-query title: "data.query" image: https://source.unsplash.com/400x175/?github description: API docs for the data.query plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'data.query'] --- import dataQueryObj from './data_query.devdocs.json'; diff --git a/api_docs/data_search.mdx b/api_docs/data_search.mdx index 2e3fd844ea627..0a8beabf4a094 100644 --- a/api_docs/data_search.mdx +++ b/api_docs/data_search.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/data-search title: "data.search" image: https://source.unsplash.com/400x175/?github description: API docs for the data.search plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'data.search'] --- import dataSearchObj from './data_search.devdocs.json'; diff --git a/api_docs/data_usage.devdocs.json b/api_docs/data_usage.devdocs.json new file mode 100644 index 0000000000000..835cb7f1ef9a3 --- /dev/null +++ b/api_docs/data_usage.devdocs.json @@ -0,0 +1,111 @@ +{ + "id": "dataUsage", + "client": { + "classes": [], + "functions": [], + "interfaces": [], + "enums": [], + "misc": [], + "objects": [], + "setup": { + "parentPluginId": "dataUsage", + "id": "def-public.DataUsagePublicSetup", + "type": "Interface", + "tags": [], + "label": "DataUsagePublicSetup", + "description": [], + "path": "x-pack/plugins/data_usage/public/types.ts", + "deprecated": false, + "trackAdoption": false, + "children": [], + "lifecycle": "setup", + "initialIsOpen": true + }, + "start": { + "parentPluginId": "dataUsage", + "id": "def-public.DataUsagePublicStart", + "type": "Interface", + "tags": [], + "label": "DataUsagePublicStart", + "description": [], + "path": "x-pack/plugins/data_usage/public/types.ts", + "deprecated": false, + "trackAdoption": false, + "children": [], + "lifecycle": "start", + "initialIsOpen": true + } + }, + "server": { + "classes": [], + "functions": [], + "interfaces": [], + "enums": [], + "misc": [], + "objects": [], + "setup": { + "parentPluginId": "dataUsage", + "id": "def-server.DataUsageServerSetup", + "type": "Interface", + "tags": [], + "label": "DataUsageServerSetup", + "description": [], + "path": "x-pack/plugins/data_usage/server/types.ts", + "deprecated": false, + "trackAdoption": false, + "children": [], + "lifecycle": "setup", + "initialIsOpen": true + }, + "start": { + "parentPluginId": "dataUsage", + "id": "def-server.DataUsageServerStart", + "type": "Interface", + "tags": [], + "label": "DataUsageServerStart", + "description": [], + "path": "x-pack/plugins/data_usage/server/types.ts", + "deprecated": false, + "trackAdoption": false, + "children": [], + "lifecycle": "start", + "initialIsOpen": true + } + }, + "common": { + "classes": [], + "functions": [], + "interfaces": [], + "enums": [], + "misc": [ + { + "parentPluginId": "dataUsage", + "id": "def-common.PLUGIN_ID", + "type": "string", + "tags": [], + "label": "PLUGIN_ID", + "description": [], + "signature": [ + "\"data_usage\"" + ], + "path": "x-pack/plugins/data_usage/common/index.ts", + "deprecated": false, + "trackAdoption": false, + "initialIsOpen": false + }, + { + "parentPluginId": "dataUsage", + "id": "def-common.PLUGIN_NAME", + "type": "string", + "tags": [], + "label": "PLUGIN_NAME", + "description": [], + "path": "x-pack/plugins/data_usage/common/index.ts", + "deprecated": false, + "trackAdoption": false, + "initialIsOpen": false + } + ], + "objects": [] + } +} \ No newline at end of file diff --git a/api_docs/data_usage.mdx b/api_docs/data_usage.mdx new file mode 100644 index 0000000000000..998b0ebf701f4 --- /dev/null +++ b/api_docs/data_usage.mdx @@ -0,0 +1,46 @@ +--- +#### +#### This document is auto-generated and is meant to be viewed inside our experimental, new docs system. +#### Reach out in #docs-engineering for more info. +#### +id: kibDataUsagePluginApi +slug: /kibana-dev-docs/api/dataUsage +title: "dataUsage" +image: https://source.unsplash.com/400x175/?github +description: API docs for the dataUsage plugin +date: 2024-09-23 +tags: ['contributor', 'dev', 'apidocs', 'kibana', 'dataUsage'] +--- +import dataUsageObj from './data_usage.devdocs.json'; + + + +Contact [@elastic/obs-ai-assistant](https://github.com/orgs/elastic/teams/obs-ai-assistant) for questions regarding this plugin. + +**Code health stats** + +| Public API count | Any count | Items lacking comments | Missing exports | +|-------------------|-----------|------------------------|-----------------| +| 6 | 0 | 6 | 0 | + +## Client + +### Setup + + +### Start + + +## Server + +### Setup + + +### Start + + +## Common + +### Consts, variables and types + + diff --git a/api_docs/data_view_editor.mdx b/api_docs/data_view_editor.mdx index b0d223ed36891..69b7fabcc9c15 100644 --- a/api_docs/data_view_editor.mdx +++ b/api_docs/data_view_editor.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/dataViewEditor title: "dataViewEditor" image: https://source.unsplash.com/400x175/?github description: API docs for the dataViewEditor plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'dataViewEditor'] --- import dataViewEditorObj from './data_view_editor.devdocs.json'; diff --git a/api_docs/data_view_field_editor.mdx b/api_docs/data_view_field_editor.mdx index ac615ba564f2d..6726baec9021a 100644 --- a/api_docs/data_view_field_editor.mdx +++ b/api_docs/data_view_field_editor.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/dataViewFieldEditor title: "dataViewFieldEditor" image: https://source.unsplash.com/400x175/?github description: API docs for the dataViewFieldEditor plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'dataViewFieldEditor'] --- import dataViewFieldEditorObj from './data_view_field_editor.devdocs.json'; diff --git a/api_docs/data_view_management.mdx b/api_docs/data_view_management.mdx index 365e29e4de7d1..d6ef9036e376e 100644 --- a/api_docs/data_view_management.mdx +++ b/api_docs/data_view_management.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/dataViewManagement title: "dataViewManagement" image: https://source.unsplash.com/400x175/?github description: API docs for the dataViewManagement plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'dataViewManagement'] --- import dataViewManagementObj from './data_view_management.devdocs.json'; diff --git a/api_docs/data_views.devdocs.json b/api_docs/data_views.devdocs.json index 9fdb448108404..f9b5b93e81fe8 100644 --- a/api_docs/data_views.devdocs.json +++ b/api_docs/data_views.devdocs.json @@ -14080,7 +14080,7 @@ }, { "plugin": "controls", - "path": "src/plugins/controls/public/react_controls/controls/data_controls/options_list_control/options_list_fetch_cache.ts" + "path": "src/plugins/controls/public/controls/data_controls/options_list_control/options_list_fetch_cache.ts" }, { "plugin": "@kbn/lens-embeddable-utils", @@ -14390,10 +14390,6 @@ "plugin": "transform", "path": "x-pack/plugins/transform/public/app/sections/create_transform/components/step_define/common/common.test.ts" }, - { - "plugin": "controls", - "path": "src/plugins/controls/public/services/data_views/data_views.stub.ts" - }, { "plugin": "dataViewManagement", "path": "src/plugins/data_view_management/public/components/edit_index_pattern/edit_index_pattern.tsx" diff --git a/api_docs/data_views.mdx b/api_docs/data_views.mdx index 5ce3d1e7d3a65..f175b39c846b2 100644 --- a/api_docs/data_views.mdx +++ b/api_docs/data_views.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/dataViews title: "dataViews" image: https://source.unsplash.com/400x175/?github description: API docs for the dataViews plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'dataViews'] --- import dataViewsObj from './data_views.devdocs.json'; diff --git a/api_docs/data_visualizer.mdx b/api_docs/data_visualizer.mdx index 78bc2a29e4761..f5d9baae2b729 100644 --- a/api_docs/data_visualizer.mdx +++ b/api_docs/data_visualizer.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/dataVisualizer title: "dataVisualizer" image: https://source.unsplash.com/400x175/?github description: API docs for the dataVisualizer plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'dataVisualizer'] --- import dataVisualizerObj from './data_visualizer.devdocs.json'; diff --git a/api_docs/dataset_quality.mdx b/api_docs/dataset_quality.mdx index 0819ed916e673..ed346bb4f6136 100644 --- a/api_docs/dataset_quality.mdx +++ b/api_docs/dataset_quality.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/datasetQuality title: "datasetQuality" image: https://source.unsplash.com/400x175/?github description: API docs for the datasetQuality plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'datasetQuality'] --- import datasetQualityObj from './dataset_quality.devdocs.json'; diff --git a/api_docs/deprecations_by_api.mdx b/api_docs/deprecations_by_api.mdx index a70b90b8c5440..510fd282bfb48 100644 --- a/api_docs/deprecations_by_api.mdx +++ b/api_docs/deprecations_by_api.mdx @@ -7,7 +7,7 @@ id: kibDevDocsDeprecationsByApi slug: /kibana-dev-docs/api-meta/deprecated-api-list-by-api title: Deprecated API usage by API description: A list of deprecated APIs, which plugins are still referencing them, and when they need to be removed by. -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana'] --- @@ -21,10 +21,10 @@ tags: ['contributor', 'dev', 'apidocs', 'kibana'] | | ml, securitySolution | - | | | actions, savedObjectsTagging, ml, enterpriseSearch | - | | | @kbn/core-saved-objects-browser-internal, @kbn/core, savedObjects, visualizations, aiops, dataVisualizer, ml, dashboardEnhanced, graph, lens, securitySolution, eventAnnotation, @kbn/core-saved-objects-browser-mocks | - | -| | @kbn/core, savedObjects, embeddable, visualizations, canvas, graph, ml | - | +| | @kbn/core, embeddable, savedObjects, visualizations, canvas, graph, ml | - | | | @kbn/core-saved-objects-base-server-internal, @kbn/core-saved-objects-migration-server-internal, @kbn/core-saved-objects-server-internal, @kbn/core-ui-settings-server-internal, @kbn/core-usage-data-server-internal, taskManager, spaces, actions, @kbn/core-saved-objects-migration-server-mocks, share, dataViews, data, alerting, lens, cases, savedSearch, canvas, fleet, cloudSecurityPosture, ml, logsShared, graph, lists, maps, visualizations, infra, apmDataAccess, securitySolution, apm, slo, synthetics, uptime, dashboard, eventAnnotation, links, savedObjectsManagement, @kbn/core-test-helpers-so-type-serializer, @kbn/core-saved-objects-api-server-internal | - | | | stackAlerts, alerting, securitySolution, inputControlVis | - | -| | graph, stackAlerts, inputControlVis, securitySolution, savedObjects | - | +| | graph, stackAlerts, inputControlVis, securitySolution | - | | | dashboard, dataVisualizer, stackAlerts, expressionPartitionVis | - | | | stackAlerts, alerting, securitySolution, inputControlVis | - | | | triggersActionsUi | - | @@ -69,18 +69,18 @@ tags: ['contributor', 'dev', 'apidocs', 'kibana'] | | alerting, observabilityAIAssistant, fleet, cloudSecurityPosture, entityManager, serverlessSearch, transform, upgradeAssistant, apm, synthetics, security | - | | | actions, alerting | - | | | monitoring | - | -| | @kbn/core-saved-objects-api-browser, @kbn/core, savedObjects, savedObjectsManagement, visualizations, savedObjectsTagging, eventAnnotation, lens, maps, graph, dashboard, savedObjectsTaggingOss, kibanaUtils, expressions, data, embeddable, uiActionsEnhanced, canvas, dashboardEnhanced, globalSearchProviders, controls | - | +| | @kbn/core-saved-objects-api-browser, @kbn/core, savedObjectsManagement, savedObjects, visualizations, savedObjectsTagging, eventAnnotation, lens, maps, graph, dashboard, kibanaUtils, expressions, data, savedObjectsTaggingOss, embeddable, uiActionsEnhanced, canvas, dashboardEnhanced, globalSearchProviders, controls | - | | | @kbn/core-saved-objects-browser, @kbn/core-saved-objects-browser-internal, @kbn/core, home, savedObjects, visualizations, lens, visTypeTimeseries, @kbn/core-saved-objects-browser-mocks | - | | | @kbn/core-saved-objects-browser-internal, @kbn/core-saved-objects-browser-mocks, savedObjects | - | | | @kbn/core-saved-objects-browser-mocks, home, @kbn/core-saved-objects-browser-internal | - | -| | @kbn/core-saved-objects-browser-internal, @kbn/core-saved-objects-browser-mocks, savedObjects, visualizations | - | +| | @kbn/core-saved-objects-browser-internal, @kbn/core-saved-objects-browser-mocks, visualizations | - | | | @kbn/core-saved-objects-browser-mocks, @kbn/core-saved-objects-browser-internal | - | | | @kbn/core-saved-objects-browser-mocks, savedObjects, dashboardEnhanced, @kbn/core-saved-objects-browser-internal | - | -| | @kbn/core-saved-objects-browser-mocks, savedObjects, dashboardEnhanced, @kbn/core-saved-objects-browser-internal | - | -| | @kbn/core-saved-objects-browser-mocks, savedObjects, @kbn/core-saved-objects-browser-internal | - | +| | @kbn/core-saved-objects-browser-mocks, dashboardEnhanced, savedObjects, @kbn/core-saved-objects-browser-internal | - | +| | @kbn/core-saved-objects-browser-mocks, @kbn/core-saved-objects-browser-internal | - | | | @kbn/core-saved-objects-browser-mocks, discover, @kbn/core-saved-objects-browser-internal | - | | | @kbn/core-saved-objects-browser-mocks, @kbn/core-saved-objects-browser-internal | - | -| | @kbn/core-saved-objects-browser-internal, @kbn/core-saved-objects-browser-mocks, savedObjects | - | +| | @kbn/core-saved-objects-browser-internal, @kbn/core-saved-objects-browser-mocks | - | | | @kbn/core-saved-objects-browser-mocks, @kbn/core-saved-objects-browser-internal | - | | | @kbn/core-saved-objects-browser-mocks, @kbn/core-saved-objects-browser-internal | - | | | @kbn/core-saved-objects-browser-internal | - | @@ -109,15 +109,14 @@ tags: ['contributor', 'dev', 'apidocs', 'kibana'] | | graph, visTypeTimeseries, dataViewManagement | - | | | visualizations, graph | - | | | kubernetesSecurity, osquery, threatIntelligence | - | -| | @kbn/core-plugins-browser-internal, @kbn/core-root-browser-internal, home, savedObjects, unifiedSearch, visualizations, fileUpload, dashboardEnhanced, transform, discover, dataVisualizer | - | -| | @kbn/core, lens, savedObjects | - | | | lens, dashboard, canvas | - | | | lens, dashboard | - | -| | lens, controls, dashboard, investigateApp | - | +| | lens, dashboard, investigateApp | - | | | canvas, dashboard | - | | | dashboard | - | | | embeddable, dashboard | - | | | dashboard, maps | - | +| | @kbn/core-plugins-browser-internal, @kbn/core-root-browser-internal, home, unifiedSearch, visualizations, fileUpload, dashboardEnhanced, transform, discover, dataVisualizer | - | | | dataViews, maps | - | | | dataViews, dataViewManagement | - | | | dataViews, dataViewManagement | - | @@ -133,6 +132,7 @@ tags: ['contributor', 'dev', 'apidocs', 'kibana'] | | unifiedSearch | - | | | unifiedSearch | - | | | lens | - | +| | @kbn/core, lens, savedObjects | - | | | canvas | - | | | canvas | - | | | canvas | - | @@ -182,7 +182,6 @@ tags: ['contributor', 'dev', 'apidocs', 'kibana'] | | security, @kbn/security-role-management-model | 8.8.0 | | | apm | 8.8.0 | | | mapsEms | 8.8.0 | -| | savedObjectsTaggingOss | 8.8.0 | | | @kbn/core-plugins-server-internal, @kbn/core | 8.8.0 | | | security | 8.8.0 @@ -236,7 +235,7 @@ Safe to remove. | | lists | | | lists | | | lists | -| | savedObjects | +| | savedObjects | | | security | | | serverless | | | taskManager | diff --git a/api_docs/deprecations_by_plugin.mdx b/api_docs/deprecations_by_plugin.mdx index 59fda57ae680d..90decb28037bf 100644 --- a/api_docs/deprecations_by_plugin.mdx +++ b/api_docs/deprecations_by_plugin.mdx @@ -7,7 +7,7 @@ id: kibDevDocsDeprecationsByPlugin slug: /kibana-dev-docs/api-meta/deprecated-api-list-by-plugin title: Deprecated API usage by plugin description: A list of deprecated APIs, which plugins are still referencing them, and when they need to be removed by. -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana'] --- @@ -623,8 +623,7 @@ tags: ['contributor', 'dev', 'apidocs', 'kibana'] | Deprecated API | Reference location(s) | Remove By | | ---------------|-----------|-----------| -| | [options_list_fetch_cache.ts](https://github.com/elastic/kibana/tree/main/src/plugins/controls/public/react_controls/controls/data_controls/options_list_control/options_list_fetch_cache.ts#:~:text=title), [data_views.stub.ts](https://github.com/elastic/kibana/tree/main/src/plugins/controls/public/services/data_views/data_views.stub.ts#:~:text=title) | - | -| | [types.ts](https://github.com/elastic/kibana/tree/main/src/plugins/controls/public/services/embeddable/types.ts#:~:text=getEmbeddableFactory), [embeddable_service.ts](https://github.com/elastic/kibana/tree/main/src/plugins/controls/public/services/embeddable/embeddable_service.ts#:~:text=getEmbeddableFactory), [embeddable.stub.ts](https://github.com/elastic/kibana/tree/main/src/plugins/controls/public/services/embeddable/embeddable.stub.ts#:~:text=getEmbeddableFactory) | - | +| | [options_list_fetch_cache.ts](https://github.com/elastic/kibana/tree/main/src/plugins/controls/public/controls/data_controls/options_list_control/options_list_fetch_cache.ts#:~:text=title) | - | | | [control_group_persistable_state.ts](https://github.com/elastic/kibana/tree/main/src/plugins/controls/server/control_group/control_group_persistable_state.ts#:~:text=SavedObjectReference), [control_group_persistable_state.ts](https://github.com/elastic/kibana/tree/main/src/plugins/controls/server/control_group/control_group_persistable_state.ts#:~:text=SavedObjectReference), [control_group_persistable_state.ts](https://github.com/elastic/kibana/tree/main/src/plugins/controls/server/control_group/control_group_persistable_state.ts#:~:text=SavedObjectReference), [options_list_persistable_state.ts](https://github.com/elastic/kibana/tree/main/src/plugins/controls/server/options_list/options_list_persistable_state.ts#:~:text=SavedObjectReference), [options_list_persistable_state.ts](https://github.com/elastic/kibana/tree/main/src/plugins/controls/server/options_list/options_list_persistable_state.ts#:~:text=SavedObjectReference), [options_list_persistable_state.ts](https://github.com/elastic/kibana/tree/main/src/plugins/controls/server/options_list/options_list_persistable_state.ts#:~:text=SavedObjectReference), [range_slider_persistable_state.ts](https://github.com/elastic/kibana/tree/main/src/plugins/controls/server/range_slider/range_slider_persistable_state.ts#:~:text=SavedObjectReference), [range_slider_persistable_state.ts](https://github.com/elastic/kibana/tree/main/src/plugins/controls/server/range_slider/range_slider_persistable_state.ts#:~:text=SavedObjectReference), [range_slider_persistable_state.ts](https://github.com/elastic/kibana/tree/main/src/plugins/controls/server/range_slider/range_slider_persistable_state.ts#:~:text=SavedObjectReference), [time_slider_persistable_state.ts](https://github.com/elastic/kibana/tree/main/src/plugins/controls/server/time_slider/time_slider_persistable_state.ts#:~:text=SavedObjectReference)+ 2 more | - | @@ -1228,20 +1227,15 @@ tags: ['contributor', 'dev', 'apidocs', 'kibana'] | Deprecated API | Reference location(s) | Remove By | | ---------------|-----------|-----------| -| | [saved_object.test.ts](https://github.com/elastic/kibana/tree/main/src/plugins/saved_objects/public/saved_object/saved_object.test.ts#:~:text=indexPatterns), [saved_object.test.ts](https://github.com/elastic/kibana/tree/main/src/plugins/saved_objects/public/saved_object/saved_object.test.ts#:~:text=indexPatterns) | - | -| | [plugin.ts](https://github.com/elastic/kibana/tree/main/src/plugins/saved_objects/public/plugin.ts#:~:text=savedObjects) | - | -| | [types.ts](https://github.com/elastic/kibana/tree/main/src/plugins/saved_objects/public/types.ts#:~:text=SavedObjectsClientContract), [types.ts](https://github.com/elastic/kibana/tree/main/src/plugins/saved_objects/public/types.ts#:~:text=SavedObjectsClientContract), [initialize_saved_object.ts](https://github.com/elastic/kibana/tree/main/src/plugins/saved_objects/public/saved_object/helpers/initialize_saved_object.ts#:~:text=SavedObjectsClientContract), [initialize_saved_object.ts](https://github.com/elastic/kibana/tree/main/src/plugins/saved_objects/public/saved_object/helpers/initialize_saved_object.ts#:~:text=SavedObjectsClientContract), [find_object_by_title.ts](https://github.com/elastic/kibana/tree/main/src/plugins/saved_objects/public/saved_object/helpers/find_object_by_title.ts#:~:text=SavedObjectsClientContract), [find_object_by_title.ts](https://github.com/elastic/kibana/tree/main/src/plugins/saved_objects/public/saved_object/helpers/find_object_by_title.ts#:~:text=SavedObjectsClientContract), [find_object_by_title.ts](https://github.com/elastic/kibana/tree/main/src/plugins/saved_objects/public/saved_object/helpers/find_object_by_title.ts#:~:text=SavedObjectsClientContract), [save_with_confirmation.ts](https://github.com/elastic/kibana/tree/main/src/plugins/saved_objects/public/saved_object/helpers/save_with_confirmation.ts#:~:text=SavedObjectsClientContract), [save_with_confirmation.ts](https://github.com/elastic/kibana/tree/main/src/plugins/saved_objects/public/saved_object/helpers/save_with_confirmation.ts#:~:text=SavedObjectsClientContract), [find_object_by_title.test.ts](https://github.com/elastic/kibana/tree/main/src/plugins/saved_objects/public/saved_object/helpers/find_object_by_title.test.ts#:~:text=SavedObjectsClientContract)+ 5 more | - | -| | [create_source.ts](https://github.com/elastic/kibana/tree/main/src/plugins/saved_objects/public/saved_object/helpers/create_source.ts#:~:text=create), [create_source.ts](https://github.com/elastic/kibana/tree/main/src/plugins/saved_objects/public/saved_object/helpers/create_source.ts#:~:text=create), [save_saved_object.ts](https://github.com/elastic/kibana/tree/main/src/plugins/saved_objects/public/saved_object/helpers/save_saved_object.ts#:~:text=create), [save_with_confirmation.ts](https://github.com/elastic/kibana/tree/main/src/plugins/saved_objects/public/saved_object/helpers/save_with_confirmation.ts#:~:text=create), [save_with_confirmation.ts](https://github.com/elastic/kibana/tree/main/src/plugins/saved_objects/public/saved_object/helpers/save_with_confirmation.ts#:~:text=create), [saved_object.test.ts](https://github.com/elastic/kibana/tree/main/src/plugins/saved_objects/public/saved_object/saved_object.test.ts#:~:text=create), [saved_object.test.ts](https://github.com/elastic/kibana/tree/main/src/plugins/saved_objects/public/saved_object/saved_object.test.ts#:~:text=create), [saved_object.test.ts](https://github.com/elastic/kibana/tree/main/src/plugins/saved_objects/public/saved_object/saved_object.test.ts#:~:text=create), [saved_object.test.ts](https://github.com/elastic/kibana/tree/main/src/plugins/saved_objects/public/saved_object/saved_object.test.ts#:~:text=create), [saved_object.test.ts](https://github.com/elastic/kibana/tree/main/src/plugins/saved_objects/public/saved_object/saved_object.test.ts#:~:text=create)+ 9 more | - | -| | [build_saved_object.ts](https://github.com/elastic/kibana/tree/main/src/plugins/saved_objects/public/saved_object/helpers/build_saved_object.ts#:~:text=delete) | - | -| | [find_object_by_title.ts](https://github.com/elastic/kibana/tree/main/src/plugins/saved_objects/public/saved_object/helpers/find_object_by_title.ts#:~:text=find), [saved_object.test.ts](https://github.com/elastic/kibana/tree/main/src/plugins/saved_objects/public/saved_object/saved_object.test.ts#:~:text=find), [find_object_by_title.test.ts](https://github.com/elastic/kibana/tree/main/src/plugins/saved_objects/public/saved_object/helpers/find_object_by_title.test.ts#:~:text=find), [find_object_by_title.test.ts](https://github.com/elastic/kibana/tree/main/src/plugins/saved_objects/public/saved_object/helpers/find_object_by_title.test.ts#:~:text=find) | - | -| | [initialize_saved_object.ts](https://github.com/elastic/kibana/tree/main/src/plugins/saved_objects/public/saved_object/helpers/initialize_saved_object.ts#:~:text=get), [saved_object.test.ts](https://github.com/elastic/kibana/tree/main/src/plugins/saved_objects/public/saved_object/saved_object.test.ts#:~:text=get) | - | -| | [saved_object.test.ts](https://github.com/elastic/kibana/tree/main/src/plugins/saved_objects/public/saved_object/saved_object.test.ts#:~:text=bulkGet) | - | -| | [saved_object.test.ts](https://github.com/elastic/kibana/tree/main/src/plugins/saved_objects/public/saved_object/saved_object.test.ts#:~:text=update) | - | -| | [find_object_by_title.ts](https://github.com/elastic/kibana/tree/main/src/plugins/saved_objects/public/saved_object/helpers/find_object_by_title.ts#:~:text=SimpleSavedObject), [find_object_by_title.ts](https://github.com/elastic/kibana/tree/main/src/plugins/saved_objects/public/saved_object/helpers/find_object_by_title.ts#:~:text=SimpleSavedObject), [find_object_by_title.ts](https://github.com/elastic/kibana/tree/main/src/plugins/saved_objects/public/saved_object/helpers/find_object_by_title.ts#:~:text=SimpleSavedObject), [saved_object.test.ts](https://github.com/elastic/kibana/tree/main/src/plugins/saved_objects/public/saved_object/saved_object.test.ts#:~:text=SimpleSavedObject), [saved_object.test.ts](https://github.com/elastic/kibana/tree/main/src/plugins/saved_objects/public/saved_object/saved_object.test.ts#:~:text=SimpleSavedObject), [saved_object.test.ts](https://github.com/elastic/kibana/tree/main/src/plugins/saved_objects/public/saved_object/saved_object.test.ts#:~:text=SimpleSavedObject), [saved_object.test.ts](https://github.com/elastic/kibana/tree/main/src/plugins/saved_objects/public/saved_object/saved_object.test.ts#:~:text=SimpleSavedObject), [saved_object.test.ts](https://github.com/elastic/kibana/tree/main/src/plugins/saved_objects/public/saved_object/saved_object.test.ts#:~:text=SimpleSavedObject), [saved_object.test.ts](https://github.com/elastic/kibana/tree/main/src/plugins/saved_objects/public/saved_object/saved_object.test.ts#:~:text=SimpleSavedObject), [saved_object.test.ts](https://github.com/elastic/kibana/tree/main/src/plugins/saved_objects/public/saved_object/saved_object.test.ts#:~:text=SimpleSavedObject)+ 4 more | - | +| | [types.ts](https://github.com/elastic/kibana/tree/main/src/plugins/saved_objects/public/types.ts#:~:text=SavedObjectsClientContract), [types.ts](https://github.com/elastic/kibana/tree/main/src/plugins/saved_objects/public/types.ts#:~:text=SavedObjectsClientContract), [find_object_by_title.ts](https://github.com/elastic/kibana/tree/main/src/plugins/saved_objects/public/saved_object/helpers/find_object_by_title.ts#:~:text=SavedObjectsClientContract), [find_object_by_title.ts](https://github.com/elastic/kibana/tree/main/src/plugins/saved_objects/public/saved_object/helpers/find_object_by_title.ts#:~:text=SavedObjectsClientContract), [find_object_by_title.ts](https://github.com/elastic/kibana/tree/main/src/plugins/saved_objects/public/saved_object/helpers/find_object_by_title.ts#:~:text=SavedObjectsClientContract), [save_with_confirmation.ts](https://github.com/elastic/kibana/tree/main/src/plugins/saved_objects/public/saved_object/helpers/save_with_confirmation.ts#:~:text=SavedObjectsClientContract), [save_with_confirmation.ts](https://github.com/elastic/kibana/tree/main/src/plugins/saved_objects/public/saved_object/helpers/save_with_confirmation.ts#:~:text=SavedObjectsClientContract), [find_object_by_title.test.ts](https://github.com/elastic/kibana/tree/main/src/plugins/saved_objects/public/saved_object/helpers/find_object_by_title.test.ts#:~:text=SavedObjectsClientContract), [find_object_by_title.test.ts](https://github.com/elastic/kibana/tree/main/src/plugins/saved_objects/public/saved_object/helpers/find_object_by_title.test.ts#:~:text=SavedObjectsClientContract), [find_object_by_title.test.ts](https://github.com/elastic/kibana/tree/main/src/plugins/saved_objects/public/saved_object/helpers/find_object_by_title.test.ts#:~:text=SavedObjectsClientContract)+ 5 more | - | +| | [save_with_confirmation.ts](https://github.com/elastic/kibana/tree/main/src/plugins/saved_objects/public/saved_object/helpers/save_with_confirmation.ts#:~:text=create), [save_with_confirmation.ts](https://github.com/elastic/kibana/tree/main/src/plugins/saved_objects/public/saved_object/helpers/save_with_confirmation.ts#:~:text=create), [create_source.ts](https://github.com/elastic/kibana/tree/main/src/plugins/saved_objects/public/saved_object/helpers/create_source.ts#:~:text=create), [create_source.ts](https://github.com/elastic/kibana/tree/main/src/plugins/saved_objects/public/saved_object/helpers/create_source.ts#:~:text=create), [save_saved_object.ts](https://github.com/elastic/kibana/tree/main/src/plugins/saved_objects/public/saved_object/helpers/save_saved_object.ts#:~:text=create), [save_with_confirmation.test.ts](https://github.com/elastic/kibana/tree/main/src/plugins/saved_objects/public/saved_object/helpers/save_with_confirmation.test.ts#:~:text=create), [save_with_confirmation.test.ts](https://github.com/elastic/kibana/tree/main/src/plugins/saved_objects/public/saved_object/helpers/save_with_confirmation.test.ts#:~:text=create), [save_with_confirmation.test.ts](https://github.com/elastic/kibana/tree/main/src/plugins/saved_objects/public/saved_object/helpers/save_with_confirmation.test.ts#:~:text=create), [save_with_confirmation.test.ts](https://github.com/elastic/kibana/tree/main/src/plugins/saved_objects/public/saved_object/helpers/save_with_confirmation.test.ts#:~:text=create), [save_with_confirmation.test.ts](https://github.com/elastic/kibana/tree/main/src/plugins/saved_objects/public/saved_object/helpers/save_with_confirmation.test.ts#:~:text=create)+ 1 more | - | +| | [find_object_by_title.ts](https://github.com/elastic/kibana/tree/main/src/plugins/saved_objects/public/saved_object/helpers/find_object_by_title.ts#:~:text=find), [find_object_by_title.test.ts](https://github.com/elastic/kibana/tree/main/src/plugins/saved_objects/public/saved_object/helpers/find_object_by_title.test.ts#:~:text=find), [find_object_by_title.test.ts](https://github.com/elastic/kibana/tree/main/src/plugins/saved_objects/public/saved_object/helpers/find_object_by_title.test.ts#:~:text=find) | - | +| | [initialize_saved_object.ts](https://github.com/elastic/kibana/tree/main/src/plugins/saved_objects/public/saved_object/helpers/initialize_saved_object.ts#:~:text=get) | - | +| | [find_object_by_title.ts](https://github.com/elastic/kibana/tree/main/src/plugins/saved_objects/public/saved_object/helpers/find_object_by_title.ts#:~:text=SimpleSavedObject), [find_object_by_title.ts](https://github.com/elastic/kibana/tree/main/src/plugins/saved_objects/public/saved_object/helpers/find_object_by_title.ts#:~:text=SimpleSavedObject), [find_object_by_title.ts](https://github.com/elastic/kibana/tree/main/src/plugins/saved_objects/public/saved_object/helpers/find_object_by_title.ts#:~:text=SimpleSavedObject) | - | | | [save_with_confirmation.ts](https://github.com/elastic/kibana/tree/main/src/plugins/saved_objects/public/saved_object/helpers/save_with_confirmation.ts#:~:text=SavedObjectsCreateOptions), [save_with_confirmation.ts](https://github.com/elastic/kibana/tree/main/src/plugins/saved_objects/public/saved_object/helpers/save_with_confirmation.ts#:~:text=SavedObjectsCreateOptions), [save_with_confirmation.test.ts](https://github.com/elastic/kibana/tree/main/src/plugins/saved_objects/public/saved_object/helpers/save_with_confirmation.test.ts#:~:text=SavedObjectsCreateOptions), [save_with_confirmation.test.ts](https://github.com/elastic/kibana/tree/main/src/plugins/saved_objects/public/saved_object/helpers/save_with_confirmation.test.ts#:~:text=SavedObjectsCreateOptions), [save_with_confirmation.test.ts](https://github.com/elastic/kibana/tree/main/src/plugins/saved_objects/public/saved_object/helpers/save_with_confirmation.test.ts#:~:text=SavedObjectsCreateOptions) | - | | | [find_object_by_title.test.ts](https://github.com/elastic/kibana/tree/main/src/plugins/saved_objects/public/saved_object/helpers/find_object_by_title.test.ts#:~:text=simpleSavedObjectMock), [find_object_by_title.test.ts](https://github.com/elastic/kibana/tree/main/src/plugins/saved_objects/public/saved_object/helpers/find_object_by_title.test.ts#:~:text=simpleSavedObjectMock) | - | | | [find_object_by_title.test.ts](https://github.com/elastic/kibana/tree/main/src/plugins/saved_objects/public/saved_object/helpers/find_object_by_title.test.ts#:~:text=SavedObject), [find_object_by_title.test.ts](https://github.com/elastic/kibana/tree/main/src/plugins/saved_objects/public/saved_object/helpers/find_object_by_title.test.ts#:~:text=SavedObject) | - | -| | [types.ts](https://github.com/elastic/kibana/tree/main/src/plugins/saved_objects/public/types.ts#:~:text=SavedObjectAttributes), [types.ts](https://github.com/elastic/kibana/tree/main/src/plugins/saved_objects/public/types.ts#:~:text=SavedObjectAttributes), [types.ts](https://github.com/elastic/kibana/tree/main/src/plugins/saved_objects/public/types.ts#:~:text=SavedObjectAttributes), [types.ts](https://github.com/elastic/kibana/tree/main/src/plugins/saved_objects/public/types.ts#:~:text=SavedObjectAttributes), [types.ts](https://github.com/elastic/kibana/tree/main/src/plugins/saved_objects/public/types.ts#:~:text=SavedObjectAttributes), [create_source.ts](https://github.com/elastic/kibana/tree/main/src/plugins/saved_objects/public/saved_object/helpers/create_source.ts#:~:text=SavedObjectAttributes), [create_source.ts](https://github.com/elastic/kibana/tree/main/src/plugins/saved_objects/public/saved_object/helpers/create_source.ts#:~:text=SavedObjectAttributes), [find_object_by_title.ts](https://github.com/elastic/kibana/tree/main/src/plugins/saved_objects/public/saved_object/helpers/find_object_by_title.ts#:~:text=SavedObjectAttributes), [find_object_by_title.ts](https://github.com/elastic/kibana/tree/main/src/plugins/saved_objects/public/saved_object/helpers/find_object_by_title.ts#:~:text=SavedObjectAttributes), [save_with_confirmation.ts](https://github.com/elastic/kibana/tree/main/src/plugins/saved_objects/public/saved_object/helpers/save_with_confirmation.ts#:~:text=SavedObjectAttributes)+ 15 more | - | +| | [types.ts](https://github.com/elastic/kibana/tree/main/src/plugins/saved_objects/public/types.ts#:~:text=SavedObjectAttributes), [types.ts](https://github.com/elastic/kibana/tree/main/src/plugins/saved_objects/public/types.ts#:~:text=SavedObjectAttributes), [types.ts](https://github.com/elastic/kibana/tree/main/src/plugins/saved_objects/public/types.ts#:~:text=SavedObjectAttributes), [types.ts](https://github.com/elastic/kibana/tree/main/src/plugins/saved_objects/public/types.ts#:~:text=SavedObjectAttributes), [types.ts](https://github.com/elastic/kibana/tree/main/src/plugins/saved_objects/public/types.ts#:~:text=SavedObjectAttributes), [find_object_by_title.ts](https://github.com/elastic/kibana/tree/main/src/plugins/saved_objects/public/saved_object/helpers/find_object_by_title.ts#:~:text=SavedObjectAttributes), [find_object_by_title.ts](https://github.com/elastic/kibana/tree/main/src/plugins/saved_objects/public/saved_object/helpers/find_object_by_title.ts#:~:text=SavedObjectAttributes), [save_with_confirmation.ts](https://github.com/elastic/kibana/tree/main/src/plugins/saved_objects/public/saved_object/helpers/save_with_confirmation.ts#:~:text=SavedObjectAttributes), [save_with_confirmation.ts](https://github.com/elastic/kibana/tree/main/src/plugins/saved_objects/public/saved_object/helpers/save_with_confirmation.ts#:~:text=SavedObjectAttributes), [create_source.ts](https://github.com/elastic/kibana/tree/main/src/plugins/saved_objects/public/saved_object/helpers/create_source.ts#:~:text=SavedObjectAttributes)+ 4 more | - | | | [types.ts](https://github.com/elastic/kibana/tree/main/src/plugins/saved_objects/public/types.ts#:~:text=SavedObjectReference), [types.ts](https://github.com/elastic/kibana/tree/main/src/plugins/saved_objects/public/types.ts#:~:text=SavedObjectReference), [types.ts](https://github.com/elastic/kibana/tree/main/src/plugins/saved_objects/public/types.ts#:~:text=SavedObjectReference), [types.ts](https://github.com/elastic/kibana/tree/main/src/plugins/saved_objects/public/types.ts#:~:text=SavedObjectReference), [types.ts](https://github.com/elastic/kibana/tree/main/src/plugins/saved_objects/public/types.ts#:~:text=SavedObjectReference), [types.ts](https://github.com/elastic/kibana/tree/main/src/plugins/saved_objects/public/types.ts#:~:text=SavedObjectReference) | - | @@ -1273,9 +1267,8 @@ tags: ['contributor', 'dev', 'apidocs', 'kibana'] | Deprecated API | Reference location(s) | Remove By | | ---------------|-----------|-----------| -| | [api.ts](https://github.com/elastic/kibana/tree/main/src/plugins/saved_objects_tagging_oss/public/api.ts#:~:text=SavedObject), [types.ts](https://github.com/elastic/kibana/tree/main/src/plugins/saved_objects_tagging_oss/public/decorator/types.ts#:~:text=SavedObject), [types.ts](https://github.com/elastic/kibana/tree/main/src/plugins/saved_objects_tagging_oss/public/decorator/types.ts#:~:text=SavedObject), [api.ts](https://github.com/elastic/kibana/tree/main/src/plugins/saved_objects_tagging_oss/public/api.ts#:~:text=SavedObject), [api.ts](https://github.com/elastic/kibana/tree/main/src/plugins/saved_objects_tagging_oss/public/api.ts#:~:text=SavedObject) | 8.8.0 | | | [api.ts](https://github.com/elastic/kibana/tree/main/src/plugins/saved_objects_tagging_oss/public/api.ts#:~:text=SavedObject), [api.ts](https://github.com/elastic/kibana/tree/main/src/plugins/saved_objects_tagging_oss/public/api.ts#:~:text=SavedObject), [api.ts](https://github.com/elastic/kibana/tree/main/src/plugins/saved_objects_tagging_oss/public/api.ts#:~:text=SavedObject) | - | -| | [extract_tag_references.test.ts](https://github.com/elastic/kibana/tree/main/src/plugins/saved_objects_tagging_oss/public/decorator/extract_tag_references.test.ts#:~:text=SavedObjectReference), [extract_tag_references.test.ts](https://github.com/elastic/kibana/tree/main/src/plugins/saved_objects_tagging_oss/public/decorator/extract_tag_references.test.ts#:~:text=SavedObjectReference), [extract_tag_references.test.ts](https://github.com/elastic/kibana/tree/main/src/plugins/saved_objects_tagging_oss/public/decorator/extract_tag_references.test.ts#:~:text=SavedObjectReference), [extract_tag_references.test.ts](https://github.com/elastic/kibana/tree/main/src/plugins/saved_objects_tagging_oss/public/decorator/extract_tag_references.test.ts#:~:text=SavedObjectReference), [extract_tag_references.test.ts](https://github.com/elastic/kibana/tree/main/src/plugins/saved_objects_tagging_oss/public/decorator/extract_tag_references.test.ts#:~:text=SavedObjectReference), [extract_tag_references.test.ts](https://github.com/elastic/kibana/tree/main/src/plugins/saved_objects_tagging_oss/public/decorator/extract_tag_references.test.ts#:~:text=SavedObjectReference), [inject_tag_references.test.ts](https://github.com/elastic/kibana/tree/main/src/plugins/saved_objects_tagging_oss/public/decorator/inject_tag_references.test.ts#:~:text=SavedObjectReference), [inject_tag_references.test.ts](https://github.com/elastic/kibana/tree/main/src/plugins/saved_objects_tagging_oss/public/decorator/inject_tag_references.test.ts#:~:text=SavedObjectReference), [api.ts](https://github.com/elastic/kibana/tree/main/src/plugins/saved_objects_tagging_oss/public/api.ts#:~:text=SavedObjectReference), [api.ts](https://github.com/elastic/kibana/tree/main/src/plugins/saved_objects_tagging_oss/public/api.ts#:~:text=SavedObjectReference)+ 2 more | - | +| | [api.ts](https://github.com/elastic/kibana/tree/main/src/plugins/saved_objects_tagging_oss/public/api.ts#:~:text=SavedObjectReference), [api.ts](https://github.com/elastic/kibana/tree/main/src/plugins/saved_objects_tagging_oss/public/api.ts#:~:text=SavedObjectReference), [api.ts](https://github.com/elastic/kibana/tree/main/src/plugins/saved_objects_tagging_oss/public/api.ts#:~:text=SavedObjectReference), [api.ts](https://github.com/elastic/kibana/tree/main/src/plugins/saved_objects_tagging_oss/public/api.ts#:~:text=SavedObjectReference) | - | diff --git a/api_docs/deprecations_by_team.mdx b/api_docs/deprecations_by_team.mdx index bcb2a7dfb8bce..338a02ad98539 100644 --- a/api_docs/deprecations_by_team.mdx +++ b/api_docs/deprecations_by_team.mdx @@ -7,7 +7,7 @@ id: kibDevDocsDeprecationsDueByTeam slug: /kibana-dev-docs/api-meta/deprecations-due-by-team title: Deprecated APIs due to be removed, by team description: Lists the teams that are referencing deprecated APIs with a remove by date. -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana'] --- @@ -16,7 +16,6 @@ tags: ['contributor', 'dev', 'apidocs', 'kibana'] | Plugin | Deprecated API | Reference location(s) | Remove By | | --------|-------|-----------|-----------| -| savedObjectsTaggingOss | | [api.ts](https://github.com/elastic/kibana/tree/main/src/plugins/saved_objects_tagging_oss/public/api.ts#:~:text=SavedObject), [types.ts](https://github.com/elastic/kibana/tree/main/src/plugins/saved_objects_tagging_oss/public/decorator/types.ts#:~:text=SavedObject), [types.ts](https://github.com/elastic/kibana/tree/main/src/plugins/saved_objects_tagging_oss/public/decorator/types.ts#:~:text=SavedObject), [api.ts](https://github.com/elastic/kibana/tree/main/src/plugins/saved_objects_tagging_oss/public/api.ts#:~:text=SavedObject), [api.ts](https://github.com/elastic/kibana/tree/main/src/plugins/saved_objects_tagging_oss/public/api.ts#:~:text=SavedObject) | 8.8.0 | | kibanaOverview | | [application.tsx](https://github.com/elastic/kibana/tree/main/src/plugins/kibana_overview/public/application.tsx#:~:text=appBasePath) | 8.8.0 | diff --git a/api_docs/dev_tools.mdx b/api_docs/dev_tools.mdx index 9a6ca17e5097b..657e376b63954 100644 --- a/api_docs/dev_tools.mdx +++ b/api_docs/dev_tools.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/devTools title: "devTools" image: https://source.unsplash.com/400x175/?github description: API docs for the devTools plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'devTools'] --- import devToolsObj from './dev_tools.devdocs.json'; diff --git a/api_docs/discover.mdx b/api_docs/discover.mdx index 2956e3c1fff47..41762cbdf56fe 100644 --- a/api_docs/discover.mdx +++ b/api_docs/discover.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/discover title: "discover" image: https://source.unsplash.com/400x175/?github description: API docs for the discover plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'discover'] --- import discoverObj from './discover.devdocs.json'; diff --git a/api_docs/discover_enhanced.mdx b/api_docs/discover_enhanced.mdx index 5051d5eec9715..7ba88702a6dd0 100644 --- a/api_docs/discover_enhanced.mdx +++ b/api_docs/discover_enhanced.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/discoverEnhanced title: "discoverEnhanced" image: https://source.unsplash.com/400x175/?github description: API docs for the discoverEnhanced plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'discoverEnhanced'] --- import discoverEnhancedObj from './discover_enhanced.devdocs.json'; diff --git a/api_docs/discover_shared.mdx b/api_docs/discover_shared.mdx index 669f55d105fd7..cb18e2eb1833a 100644 --- a/api_docs/discover_shared.mdx +++ b/api_docs/discover_shared.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/discoverShared title: "discoverShared" image: https://source.unsplash.com/400x175/?github description: API docs for the discoverShared plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'discoverShared'] --- import discoverSharedObj from './discover_shared.devdocs.json'; diff --git a/api_docs/ecs_data_quality_dashboard.mdx b/api_docs/ecs_data_quality_dashboard.mdx index 4400f84cd4176..b6daf0319568b 100644 --- a/api_docs/ecs_data_quality_dashboard.mdx +++ b/api_docs/ecs_data_quality_dashboard.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/ecsDataQualityDashboard title: "ecsDataQualityDashboard" image: https://source.unsplash.com/400x175/?github description: API docs for the ecsDataQualityDashboard plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'ecsDataQualityDashboard'] --- import ecsDataQualityDashboardObj from './ecs_data_quality_dashboard.devdocs.json'; diff --git a/api_docs/elastic_assistant.mdx b/api_docs/elastic_assistant.mdx index 9ac382f688ffa..a7fab4235ca9f 100644 --- a/api_docs/elastic_assistant.mdx +++ b/api_docs/elastic_assistant.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/elasticAssistant title: "elasticAssistant" image: https://source.unsplash.com/400x175/?github description: API docs for the elasticAssistant plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'elasticAssistant'] --- import elasticAssistantObj from './elastic_assistant.devdocs.json'; diff --git a/api_docs/embeddable.devdocs.json b/api_docs/embeddable.devdocs.json index 82dda87fc5960..6b628765d44af 100644 --- a/api_docs/embeddable.devdocs.json +++ b/api_docs/embeddable.devdocs.json @@ -14874,14 +14874,6 @@ "plugin": "lens", "path": "x-pack/plugins/lens/public/embeddable/embeddable_component.tsx" }, - { - "plugin": "controls", - "path": "src/plugins/controls/public/services/embeddable/types.ts" - }, - { - "plugin": "controls", - "path": "src/plugins/controls/public/services/embeddable/embeddable_service.ts" - }, { "plugin": "dashboard", "path": "src/plugins/dashboard/public/services/dashboard_content_management/lib/migrate_dashboard_input.ts" @@ -14906,10 +14898,6 @@ "plugin": "dashboard", "path": "src/plugins/dashboard/public/services/embeddable/embeddable.stub.ts" }, - { - "plugin": "controls", - "path": "src/plugins/controls/public/services/embeddable/embeddable.stub.ts" - }, { "plugin": "dashboard", "path": "src/plugins/dashboard/public/dashboard_container/embeddable/create/create_dashboard.test.ts" diff --git a/api_docs/embeddable.mdx b/api_docs/embeddable.mdx index 6a8ab26813525..a3d122feb00d8 100644 --- a/api_docs/embeddable.mdx +++ b/api_docs/embeddable.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/embeddable title: "embeddable" image: https://source.unsplash.com/400x175/?github description: API docs for the embeddable plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'embeddable'] --- import embeddableObj from './embeddable.devdocs.json'; diff --git a/api_docs/embeddable_enhanced.mdx b/api_docs/embeddable_enhanced.mdx index c239b13ac36b8..422668bbf2dcd 100644 --- a/api_docs/embeddable_enhanced.mdx +++ b/api_docs/embeddable_enhanced.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/embeddableEnhanced title: "embeddableEnhanced" image: https://source.unsplash.com/400x175/?github description: API docs for the embeddableEnhanced plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'embeddableEnhanced'] --- import embeddableEnhancedObj from './embeddable_enhanced.devdocs.json'; diff --git a/api_docs/encrypted_saved_objects.mdx b/api_docs/encrypted_saved_objects.mdx index 804c6f28dc0a5..932f0d19f5124 100644 --- a/api_docs/encrypted_saved_objects.mdx +++ b/api_docs/encrypted_saved_objects.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/encryptedSavedObjects title: "encryptedSavedObjects" image: https://source.unsplash.com/400x175/?github description: API docs for the encryptedSavedObjects plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'encryptedSavedObjects'] --- import encryptedSavedObjectsObj from './encrypted_saved_objects.devdocs.json'; diff --git a/api_docs/enterprise_search.mdx b/api_docs/enterprise_search.mdx index 8f021b66213fd..5ab0d4227eda9 100644 --- a/api_docs/enterprise_search.mdx +++ b/api_docs/enterprise_search.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/enterpriseSearch title: "enterpriseSearch" image: https://source.unsplash.com/400x175/?github description: API docs for the enterpriseSearch plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'enterpriseSearch'] --- import enterpriseSearchObj from './enterprise_search.devdocs.json'; diff --git a/api_docs/entities_data_access.mdx b/api_docs/entities_data_access.mdx index 98cca9fff6dc3..c6f6f28744668 100644 --- a/api_docs/entities_data_access.mdx +++ b/api_docs/entities_data_access.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/entitiesDataAccess title: "entitiesDataAccess" image: https://source.unsplash.com/400x175/?github description: API docs for the entitiesDataAccess plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'entitiesDataAccess'] --- import entitiesDataAccessObj from './entities_data_access.devdocs.json'; diff --git a/api_docs/entity_manager.mdx b/api_docs/entity_manager.mdx index 2caaad0462184..9af13b2901cad 100644 --- a/api_docs/entity_manager.mdx +++ b/api_docs/entity_manager.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/entityManager title: "entityManager" image: https://source.unsplash.com/400x175/?github description: API docs for the entityManager plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'entityManager'] --- import entityManagerObj from './entity_manager.devdocs.json'; diff --git a/api_docs/es_ui_shared.mdx b/api_docs/es_ui_shared.mdx index 2cac616056835..cfbbe006a111b 100644 --- a/api_docs/es_ui_shared.mdx +++ b/api_docs/es_ui_shared.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/esUiShared title: "esUiShared" image: https://source.unsplash.com/400x175/?github description: API docs for the esUiShared plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'esUiShared'] --- import esUiSharedObj from './es_ui_shared.devdocs.json'; diff --git a/api_docs/esql.devdocs.json b/api_docs/esql.devdocs.json index ada151ff891ef..772be100e7465 100644 --- a/api_docs/esql.devdocs.json +++ b/api_docs/esql.devdocs.json @@ -440,6 +440,22 @@ "path": "packages/kbn-text-based-editor/src/types.ts", "deprecated": false, "trackAdoption": false + }, + { + "parentPluginId": "esql", + "id": "def-public.TextBasedLanguagesEditorProps.displayDocumentationAsFlyout", + "type": "CompoundType", + "tags": [], + "label": "displayDocumentationAsFlyout", + "description": [ + "adds a documentation icon in the footer which opens the inline docs as a flyout" + ], + "signature": [ + "boolean | undefined" + ], + "path": "packages/kbn-text-based-editor/src/types.ts", + "deprecated": false, + "trackAdoption": false } ], "initialIsOpen": false diff --git a/api_docs/esql.mdx b/api_docs/esql.mdx index 6dbe40028c309..69b083d4da898 100644 --- a/api_docs/esql.mdx +++ b/api_docs/esql.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/esql title: "esql" image: https://source.unsplash.com/400x175/?github description: API docs for the esql plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'esql'] --- import esqlObj from './esql.devdocs.json'; @@ -21,7 +21,7 @@ Contact [@elastic/kibana-esql](https://github.com/orgs/elastic/teams/kibana-esql | Public API count | Any count | Items lacking comments | Missing exports | |-------------------|-----------|------------------------|-----------------| -| 24 | 0 | 9 | 0 | +| 25 | 0 | 9 | 0 | ## Client diff --git a/api_docs/esql_data_grid.mdx b/api_docs/esql_data_grid.mdx index af2ca301e79b4..bc93b6299f454 100644 --- a/api_docs/esql_data_grid.mdx +++ b/api_docs/esql_data_grid.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/esqlDataGrid title: "esqlDataGrid" image: https://source.unsplash.com/400x175/?github description: API docs for the esqlDataGrid plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'esqlDataGrid'] --- import esqlDataGridObj from './esql_data_grid.devdocs.json'; diff --git a/api_docs/event_annotation.mdx b/api_docs/event_annotation.mdx index c8dc68d4ded72..048fb53c21021 100644 --- a/api_docs/event_annotation.mdx +++ b/api_docs/event_annotation.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/eventAnnotation title: "eventAnnotation" image: https://source.unsplash.com/400x175/?github description: API docs for the eventAnnotation plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'eventAnnotation'] --- import eventAnnotationObj from './event_annotation.devdocs.json'; diff --git a/api_docs/event_annotation_listing.mdx b/api_docs/event_annotation_listing.mdx index 2e11f9022b774..2d0f4d86336de 100644 --- a/api_docs/event_annotation_listing.mdx +++ b/api_docs/event_annotation_listing.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/eventAnnotationListing title: "eventAnnotationListing" image: https://source.unsplash.com/400x175/?github description: API docs for the eventAnnotationListing plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'eventAnnotationListing'] --- import eventAnnotationListingObj from './event_annotation_listing.devdocs.json'; diff --git a/api_docs/event_log.devdocs.json b/api_docs/event_log.devdocs.json index 87e2bf5cae0ac..5a66164ffcf07 100644 --- a/api_docs/event_log.devdocs.json +++ b/api_docs/event_log.devdocs.json @@ -222,6 +222,53 @@ ], "returnComment": [] }, + { + "parentPluginId": "eventLog", + "id": "def-server.ClusterClientAdapter.updateIndexTemplate", + "type": "Function", + "tags": [], + "label": "updateIndexTemplate", + "description": [], + "signature": [ + "(name: string, template: Record) => Promise" + ], + "path": "x-pack/plugins/event_log/server/es/cluster_client_adapter.ts", + "deprecated": false, + "trackAdoption": false, + "children": [ + { + "parentPluginId": "eventLog", + "id": "def-server.ClusterClientAdapter.updateIndexTemplate.$1", + "type": "string", + "tags": [], + "label": "name", + "description": [], + "signature": [ + "string" + ], + "path": "x-pack/plugins/event_log/server/es/cluster_client_adapter.ts", + "deprecated": false, + "trackAdoption": false, + "isRequired": true + }, + { + "parentPluginId": "eventLog", + "id": "def-server.ClusterClientAdapter.updateIndexTemplate.$2", + "type": "Object", + "tags": [], + "label": "template", + "description": [], + "signature": [ + "Record" + ], + "path": "x-pack/plugins/event_log/server/es/cluster_client_adapter.ts", + "deprecated": false, + "trackAdoption": false, + "isRequired": true + } + ], + "returnComment": [] + }, { "parentPluginId": "eventLog", "id": "def-server.ClusterClientAdapter.getExistingLegacyIndexTemplates", @@ -495,7 +542,7 @@ "label": "createDataStream", "description": [], "signature": [ - "(name: string, body?: Record) => Promise" + "(name: string) => Promise" ], "path": "x-pack/plugins/event_log/server/es/cluster_client_adapter.ts", "deprecated": false, @@ -515,16 +562,33 @@ "deprecated": false, "trackAdoption": false, "isRequired": true - }, + } + ], + "returnComment": [] + }, + { + "parentPluginId": "eventLog", + "id": "def-server.ClusterClientAdapter.updateConcreteIndices", + "type": "Function", + "tags": [], + "label": "updateConcreteIndices", + "description": [], + "signature": [ + "(name: string) => Promise" + ], + "path": "x-pack/plugins/event_log/server/es/cluster_client_adapter.ts", + "deprecated": false, + "trackAdoption": false, + "children": [ { "parentPluginId": "eventLog", - "id": "def-server.ClusterClientAdapter.createDataStream.$2", - "type": "Object", + "id": "def-server.ClusterClientAdapter.updateConcreteIndices.$1", + "type": "string", "tags": [], - "label": "body", + "label": "name", "description": [], "signature": [ - "Record" + "string" ], "path": "x-pack/plugins/event_log/server/es/cluster_client_adapter.ts", "deprecated": false, diff --git a/api_docs/event_log.mdx b/api_docs/event_log.mdx index 3636b498eea6a..667d3856064a3 100644 --- a/api_docs/event_log.mdx +++ b/api_docs/event_log.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/eventLog title: "eventLog" image: https://source.unsplash.com/400x175/?github description: API docs for the eventLog plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'eventLog'] --- import eventLogObj from './event_log.devdocs.json'; @@ -21,7 +21,7 @@ Contact [@elastic/response-ops](https://github.com/orgs/elastic/teams/response-o | Public API count | Any count | Items lacking comments | Missing exports | |-------------------|-----------|------------------------|-----------------| -| 112 | 0 | 112 | 11 | +| 116 | 0 | 116 | 11 | ## Server diff --git a/api_docs/exploratory_view.mdx b/api_docs/exploratory_view.mdx index 67d93afe0b2bb..48659743aef7b 100644 --- a/api_docs/exploratory_view.mdx +++ b/api_docs/exploratory_view.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/exploratoryView title: "exploratoryView" image: https://source.unsplash.com/400x175/?github description: API docs for the exploratoryView plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'exploratoryView'] --- import exploratoryViewObj from './exploratory_view.devdocs.json'; diff --git a/api_docs/expression_error.mdx b/api_docs/expression_error.mdx index f46305151ec05..170f3a43e0dd6 100644 --- a/api_docs/expression_error.mdx +++ b/api_docs/expression_error.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/expressionError title: "expressionError" image: https://source.unsplash.com/400x175/?github description: API docs for the expressionError plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'expressionError'] --- import expressionErrorObj from './expression_error.devdocs.json'; diff --git a/api_docs/expression_gauge.mdx b/api_docs/expression_gauge.mdx index 5069c0da2c125..203e92bfa12ef 100644 --- a/api_docs/expression_gauge.mdx +++ b/api_docs/expression_gauge.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/expressionGauge title: "expressionGauge" image: https://source.unsplash.com/400x175/?github description: API docs for the expressionGauge plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'expressionGauge'] --- import expressionGaugeObj from './expression_gauge.devdocs.json'; diff --git a/api_docs/expression_heatmap.mdx b/api_docs/expression_heatmap.mdx index 6b4dd9519d0dd..e54d35f29b3d8 100644 --- a/api_docs/expression_heatmap.mdx +++ b/api_docs/expression_heatmap.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/expressionHeatmap title: "expressionHeatmap" image: https://source.unsplash.com/400x175/?github description: API docs for the expressionHeatmap plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'expressionHeatmap'] --- import expressionHeatmapObj from './expression_heatmap.devdocs.json'; diff --git a/api_docs/expression_image.mdx b/api_docs/expression_image.mdx index 006f57341b075..e2068a08af1da 100644 --- a/api_docs/expression_image.mdx +++ b/api_docs/expression_image.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/expressionImage title: "expressionImage" image: https://source.unsplash.com/400x175/?github description: API docs for the expressionImage plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'expressionImage'] --- import expressionImageObj from './expression_image.devdocs.json'; diff --git a/api_docs/expression_legacy_metric_vis.mdx b/api_docs/expression_legacy_metric_vis.mdx index 6ec96d011f44f..0d78ea0ebe73b 100644 --- a/api_docs/expression_legacy_metric_vis.mdx +++ b/api_docs/expression_legacy_metric_vis.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/expressionLegacyMetricVis title: "expressionLegacyMetricVis" image: https://source.unsplash.com/400x175/?github description: API docs for the expressionLegacyMetricVis plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'expressionLegacyMetricVis'] --- import expressionLegacyMetricVisObj from './expression_legacy_metric_vis.devdocs.json'; diff --git a/api_docs/expression_metric.mdx b/api_docs/expression_metric.mdx index 74a3b210fe6c9..410b3326a166a 100644 --- a/api_docs/expression_metric.mdx +++ b/api_docs/expression_metric.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/expressionMetric title: "expressionMetric" image: https://source.unsplash.com/400x175/?github description: API docs for the expressionMetric plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'expressionMetric'] --- import expressionMetricObj from './expression_metric.devdocs.json'; diff --git a/api_docs/expression_metric_vis.mdx b/api_docs/expression_metric_vis.mdx index b54fb51145dfd..d07bdccd3715f 100644 --- a/api_docs/expression_metric_vis.mdx +++ b/api_docs/expression_metric_vis.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/expressionMetricVis title: "expressionMetricVis" image: https://source.unsplash.com/400x175/?github description: API docs for the expressionMetricVis plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'expressionMetricVis'] --- import expressionMetricVisObj from './expression_metric_vis.devdocs.json'; diff --git a/api_docs/expression_partition_vis.mdx b/api_docs/expression_partition_vis.mdx index 1441af154179a..0b7d9d8319e00 100644 --- a/api_docs/expression_partition_vis.mdx +++ b/api_docs/expression_partition_vis.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/expressionPartitionVis title: "expressionPartitionVis" image: https://source.unsplash.com/400x175/?github description: API docs for the expressionPartitionVis plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'expressionPartitionVis'] --- import expressionPartitionVisObj from './expression_partition_vis.devdocs.json'; diff --git a/api_docs/expression_repeat_image.mdx b/api_docs/expression_repeat_image.mdx index f8facbe84550d..60f3ff0e65a7f 100644 --- a/api_docs/expression_repeat_image.mdx +++ b/api_docs/expression_repeat_image.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/expressionRepeatImage title: "expressionRepeatImage" image: https://source.unsplash.com/400x175/?github description: API docs for the expressionRepeatImage plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'expressionRepeatImage'] --- import expressionRepeatImageObj from './expression_repeat_image.devdocs.json'; diff --git a/api_docs/expression_reveal_image.mdx b/api_docs/expression_reveal_image.mdx index a74c7a9660bad..a91258587d0fa 100644 --- a/api_docs/expression_reveal_image.mdx +++ b/api_docs/expression_reveal_image.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/expressionRevealImage title: "expressionRevealImage" image: https://source.unsplash.com/400x175/?github description: API docs for the expressionRevealImage plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'expressionRevealImage'] --- import expressionRevealImageObj from './expression_reveal_image.devdocs.json'; diff --git a/api_docs/expression_shape.mdx b/api_docs/expression_shape.mdx index f2f7b44975220..1a8bdcff2906b 100644 --- a/api_docs/expression_shape.mdx +++ b/api_docs/expression_shape.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/expressionShape title: "expressionShape" image: https://source.unsplash.com/400x175/?github description: API docs for the expressionShape plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'expressionShape'] --- import expressionShapeObj from './expression_shape.devdocs.json'; diff --git a/api_docs/expression_tagcloud.mdx b/api_docs/expression_tagcloud.mdx index 9cb109b5763ab..710cfd3cb0a0f 100644 --- a/api_docs/expression_tagcloud.mdx +++ b/api_docs/expression_tagcloud.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/expressionTagcloud title: "expressionTagcloud" image: https://source.unsplash.com/400x175/?github description: API docs for the expressionTagcloud plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'expressionTagcloud'] --- import expressionTagcloudObj from './expression_tagcloud.devdocs.json'; diff --git a/api_docs/expression_x_y.mdx b/api_docs/expression_x_y.mdx index a03c685d602c0..7d9f43c97005b 100644 --- a/api_docs/expression_x_y.mdx +++ b/api_docs/expression_x_y.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/expressionXY title: "expressionXY" image: https://source.unsplash.com/400x175/?github description: API docs for the expressionXY plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'expressionXY'] --- import expressionXYObj from './expression_x_y.devdocs.json'; diff --git a/api_docs/expressions.mdx b/api_docs/expressions.mdx index 1f2b134b09902..3b6d9e10572e2 100644 --- a/api_docs/expressions.mdx +++ b/api_docs/expressions.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/expressions title: "expressions" image: https://source.unsplash.com/400x175/?github description: API docs for the expressions plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'expressions'] --- import expressionsObj from './expressions.devdocs.json'; diff --git a/api_docs/features.mdx b/api_docs/features.mdx index f7fddce674289..cf27946387260 100644 --- a/api_docs/features.mdx +++ b/api_docs/features.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/features title: "features" image: https://source.unsplash.com/400x175/?github description: API docs for the features plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'features'] --- import featuresObj from './features.devdocs.json'; diff --git a/api_docs/field_formats.mdx b/api_docs/field_formats.mdx index 9970f5cd7b2b3..0c0fcebcdd25d 100644 --- a/api_docs/field_formats.mdx +++ b/api_docs/field_formats.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/fieldFormats title: "fieldFormats" image: https://source.unsplash.com/400x175/?github description: API docs for the fieldFormats plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'fieldFormats'] --- import fieldFormatsObj from './field_formats.devdocs.json'; diff --git a/api_docs/fields_metadata.mdx b/api_docs/fields_metadata.mdx index e2cb0dcee171a..d142d487f17db 100644 --- a/api_docs/fields_metadata.mdx +++ b/api_docs/fields_metadata.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/fieldsMetadata title: "fieldsMetadata" image: https://source.unsplash.com/400x175/?github description: API docs for the fieldsMetadata plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'fieldsMetadata'] --- import fieldsMetadataObj from './fields_metadata.devdocs.json'; diff --git a/api_docs/file_upload.mdx b/api_docs/file_upload.mdx index 40f4da577b3bd..ee8533dc63e73 100644 --- a/api_docs/file_upload.mdx +++ b/api_docs/file_upload.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/fileUpload title: "fileUpload" image: https://source.unsplash.com/400x175/?github description: API docs for the fileUpload plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'fileUpload'] --- import fileUploadObj from './file_upload.devdocs.json'; diff --git a/api_docs/files.mdx b/api_docs/files.mdx index ec31b8f803a34..c4d67f2e5c3d4 100644 --- a/api_docs/files.mdx +++ b/api_docs/files.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/files title: "files" image: https://source.unsplash.com/400x175/?github description: API docs for the files plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'files'] --- import filesObj from './files.devdocs.json'; diff --git a/api_docs/files_management.mdx b/api_docs/files_management.mdx index 532df3d04b95d..84b2e56d30778 100644 --- a/api_docs/files_management.mdx +++ b/api_docs/files_management.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/filesManagement title: "filesManagement" image: https://source.unsplash.com/400x175/?github description: API docs for the filesManagement plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'filesManagement'] --- import filesManagementObj from './files_management.devdocs.json'; diff --git a/api_docs/fleet.devdocs.json b/api_docs/fleet.devdocs.json index 0e40a7c831668..a0ebb6ff1e8b3 100644 --- a/api_docs/fleet.devdocs.json +++ b/api_docs/fleet.devdocs.json @@ -23690,6 +23690,48 @@ "path": "x-pack/plugins/fleet/common/types/models/agent_policy.ts", "deprecated": false, "trackAdoption": false + }, + { + "parentPluginId": "fleet", + "id": "def-common.NewAgentPolicy.monitoring_pprof_enabled", + "type": "CompoundType", + "tags": [], + "label": "monitoring_pprof_enabled", + "description": [], + "signature": [ + "boolean | undefined" + ], + "path": "x-pack/plugins/fleet/common/types/models/agent_policy.ts", + "deprecated": false, + "trackAdoption": false + }, + { + "parentPluginId": "fleet", + "id": "def-common.NewAgentPolicy.monitoring_http", + "type": "Object", + "tags": [], + "label": "monitoring_http", + "description": [], + "signature": [ + "{ enabled: boolean; host?: string | undefined; port?: number | undefined; } | undefined" + ], + "path": "x-pack/plugins/fleet/common/types/models/agent_policy.ts", + "deprecated": false, + "trackAdoption": false + }, + { + "parentPluginId": "fleet", + "id": "def-common.NewAgentPolicy.monitoring_diagnostics", + "type": "Object", + "tags": [], + "label": "monitoring_diagnostics", + "description": [], + "signature": [ + "{ limit?: { interval?: string | undefined; burst?: number | undefined; } | undefined; uploader?: { max_retries?: number | undefined; init_dur?: string | undefined; max_dur?: string | undefined; } | undefined; } | undefined" + ], + "path": "x-pack/plugins/fleet/common/types/models/agent_policy.ts", + "deprecated": false, + "trackAdoption": false } ], "initialIsOpen": false diff --git a/api_docs/fleet.mdx b/api_docs/fleet.mdx index 963c29aeeaf2f..8629c06773f43 100644 --- a/api_docs/fleet.mdx +++ b/api_docs/fleet.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/fleet title: "fleet" image: https://source.unsplash.com/400x175/?github description: API docs for the fleet plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'fleet'] --- import fleetObj from './fleet.devdocs.json'; @@ -21,7 +21,7 @@ Contact [@elastic/fleet](https://github.com/orgs/elastic/teams/fleet) for questi | Public API count | Any count | Items lacking comments | Missing exports | |-------------------|-----------|------------------------|-----------------| -| 1361 | 5 | 1238 | 74 | +| 1364 | 5 | 1241 | 74 | ## Client diff --git a/api_docs/global_search.mdx b/api_docs/global_search.mdx index 6c7502c23834e..872e356706dbc 100644 --- a/api_docs/global_search.mdx +++ b/api_docs/global_search.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/globalSearch title: "globalSearch" image: https://source.unsplash.com/400x175/?github description: API docs for the globalSearch plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'globalSearch'] --- import globalSearchObj from './global_search.devdocs.json'; diff --git a/api_docs/guided_onboarding.mdx b/api_docs/guided_onboarding.mdx index 27101147b048b..0a05893662545 100644 --- a/api_docs/guided_onboarding.mdx +++ b/api_docs/guided_onboarding.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/guidedOnboarding title: "guidedOnboarding" image: https://source.unsplash.com/400x175/?github description: API docs for the guidedOnboarding plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'guidedOnboarding'] --- import guidedOnboardingObj from './guided_onboarding.devdocs.json'; diff --git a/api_docs/home.mdx b/api_docs/home.mdx index a595d8e442cdd..f17cf5c15ada2 100644 --- a/api_docs/home.mdx +++ b/api_docs/home.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/home title: "home" image: https://source.unsplash.com/400x175/?github description: API docs for the home plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'home'] --- import homeObj from './home.devdocs.json'; diff --git a/api_docs/image_embeddable.mdx b/api_docs/image_embeddable.mdx index 5e4060262a598..9049b20281b5f 100644 --- a/api_docs/image_embeddable.mdx +++ b/api_docs/image_embeddable.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/imageEmbeddable title: "imageEmbeddable" image: https://source.unsplash.com/400x175/?github description: API docs for the imageEmbeddable plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'imageEmbeddable'] --- import imageEmbeddableObj from './image_embeddable.devdocs.json'; diff --git a/api_docs/index_lifecycle_management.mdx b/api_docs/index_lifecycle_management.mdx index 1748ad11a6634..235229cc67312 100644 --- a/api_docs/index_lifecycle_management.mdx +++ b/api_docs/index_lifecycle_management.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/indexLifecycleManagement title: "indexLifecycleManagement" image: https://source.unsplash.com/400x175/?github description: API docs for the indexLifecycleManagement plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'indexLifecycleManagement'] --- import indexLifecycleManagementObj from './index_lifecycle_management.devdocs.json'; diff --git a/api_docs/index_management.mdx b/api_docs/index_management.mdx index 3ba25d341191f..4f5a15d8155fd 100644 --- a/api_docs/index_management.mdx +++ b/api_docs/index_management.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/indexManagement title: "indexManagement" image: https://source.unsplash.com/400x175/?github description: API docs for the indexManagement plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'indexManagement'] --- import indexManagementObj from './index_management.devdocs.json'; diff --git a/api_docs/inference.mdx b/api_docs/inference.mdx index 66181618d8318..bbe87f141d4f6 100644 --- a/api_docs/inference.mdx +++ b/api_docs/inference.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/inference title: "inference" image: https://source.unsplash.com/400x175/?github description: API docs for the inference plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'inference'] --- import inferenceObj from './inference.devdocs.json'; diff --git a/api_docs/infra.mdx b/api_docs/infra.mdx index d642ad0f5d423..a2ac0dcf4f298 100644 --- a/api_docs/infra.mdx +++ b/api_docs/infra.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/infra title: "infra" image: https://source.unsplash.com/400x175/?github description: API docs for the infra plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'infra'] --- import infraObj from './infra.devdocs.json'; diff --git a/api_docs/ingest_pipelines.mdx b/api_docs/ingest_pipelines.mdx index 8337adbc6aae9..e15c16e85aedb 100644 --- a/api_docs/ingest_pipelines.mdx +++ b/api_docs/ingest_pipelines.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/ingestPipelines title: "ingestPipelines" image: https://source.unsplash.com/400x175/?github description: API docs for the ingestPipelines plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'ingestPipelines'] --- import ingestPipelinesObj from './ingest_pipelines.devdocs.json'; diff --git a/api_docs/inspector.mdx b/api_docs/inspector.mdx index df459d1759558..aa9bfcf0cd663 100644 --- a/api_docs/inspector.mdx +++ b/api_docs/inspector.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/inspector title: "inspector" image: https://source.unsplash.com/400x175/?github description: API docs for the inspector plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'inspector'] --- import inspectorObj from './inspector.devdocs.json'; diff --git a/api_docs/integration_assistant.mdx b/api_docs/integration_assistant.mdx index adaf5e32f9ff8..a690a6a8defae 100644 --- a/api_docs/integration_assistant.mdx +++ b/api_docs/integration_assistant.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/integrationAssistant title: "integrationAssistant" image: https://source.unsplash.com/400x175/?github description: API docs for the integrationAssistant plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'integrationAssistant'] --- import integrationAssistantObj from './integration_assistant.devdocs.json'; diff --git a/api_docs/interactive_setup.mdx b/api_docs/interactive_setup.mdx index 965f1fd3eeb24..62c33ea5d9f3f 100644 --- a/api_docs/interactive_setup.mdx +++ b/api_docs/interactive_setup.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/interactiveSetup title: "interactiveSetup" image: https://source.unsplash.com/400x175/?github description: API docs for the interactiveSetup plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'interactiveSetup'] --- import interactiveSetupObj from './interactive_setup.devdocs.json'; diff --git a/api_docs/inventory.mdx b/api_docs/inventory.mdx index 1204fab3fbabd..1f78420c8ff8b 100644 --- a/api_docs/inventory.mdx +++ b/api_docs/inventory.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/inventory title: "inventory" image: https://source.unsplash.com/400x175/?github description: API docs for the inventory plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'inventory'] --- import inventoryObj from './inventory.devdocs.json'; diff --git a/api_docs/investigate.mdx b/api_docs/investigate.mdx index ec3a333bf1607..9cf9face3de83 100644 --- a/api_docs/investigate.mdx +++ b/api_docs/investigate.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/investigate title: "investigate" image: https://source.unsplash.com/400x175/?github description: API docs for the investigate plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'investigate'] --- import investigateObj from './investigate.devdocs.json'; diff --git a/api_docs/investigate_app.mdx b/api_docs/investigate_app.mdx index b2432c9731006..f7f900f1d0a77 100644 --- a/api_docs/investigate_app.mdx +++ b/api_docs/investigate_app.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/investigateApp title: "investigateApp" image: https://source.unsplash.com/400x175/?github description: API docs for the investigateApp plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'investigateApp'] --- import investigateAppObj from './investigate_app.devdocs.json'; diff --git a/api_docs/kbn_ace.mdx b/api_docs/kbn_ace.mdx index 2cef4b004471c..223bef365590a 100644 --- a/api_docs/kbn_ace.mdx +++ b/api_docs/kbn_ace.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-ace title: "@kbn/ace" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/ace plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/ace'] --- import kbnAceObj from './kbn_ace.devdocs.json'; diff --git a/api_docs/kbn_actions_types.mdx b/api_docs/kbn_actions_types.mdx index 783aeef6789a2..75a9b76c7977e 100644 --- a/api_docs/kbn_actions_types.mdx +++ b/api_docs/kbn_actions_types.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-actions-types title: "@kbn/actions-types" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/actions-types plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/actions-types'] --- import kbnActionsTypesObj from './kbn_actions_types.devdocs.json'; diff --git a/api_docs/kbn_aiops_components.mdx b/api_docs/kbn_aiops_components.mdx index e7354eb95c96d..13403c78daa5e 100644 --- a/api_docs/kbn_aiops_components.mdx +++ b/api_docs/kbn_aiops_components.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-aiops-components title: "@kbn/aiops-components" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/aiops-components plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/aiops-components'] --- import kbnAiopsComponentsObj from './kbn_aiops_components.devdocs.json'; diff --git a/api_docs/kbn_aiops_log_pattern_analysis.mdx b/api_docs/kbn_aiops_log_pattern_analysis.mdx index 2bb0f94957c28..f9cfbf17ec235 100644 --- a/api_docs/kbn_aiops_log_pattern_analysis.mdx +++ b/api_docs/kbn_aiops_log_pattern_analysis.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-aiops-log-pattern-analysis title: "@kbn/aiops-log-pattern-analysis" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/aiops-log-pattern-analysis plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/aiops-log-pattern-analysis'] --- import kbnAiopsLogPatternAnalysisObj from './kbn_aiops_log_pattern_analysis.devdocs.json'; diff --git a/api_docs/kbn_aiops_log_rate_analysis.mdx b/api_docs/kbn_aiops_log_rate_analysis.mdx index 9852f5677b23b..06db362fa0e67 100644 --- a/api_docs/kbn_aiops_log_rate_analysis.mdx +++ b/api_docs/kbn_aiops_log_rate_analysis.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-aiops-log-rate-analysis title: "@kbn/aiops-log-rate-analysis" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/aiops-log-rate-analysis plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/aiops-log-rate-analysis'] --- import kbnAiopsLogRateAnalysisObj from './kbn_aiops_log_rate_analysis.devdocs.json'; diff --git a/api_docs/kbn_alerting_api_integration_helpers.mdx b/api_docs/kbn_alerting_api_integration_helpers.mdx index 6f202edfacab7..cc78a9a6a3ca7 100644 --- a/api_docs/kbn_alerting_api_integration_helpers.mdx +++ b/api_docs/kbn_alerting_api_integration_helpers.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-alerting-api-integration-helpers title: "@kbn/alerting-api-integration-helpers" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/alerting-api-integration-helpers plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/alerting-api-integration-helpers'] --- import kbnAlertingApiIntegrationHelpersObj from './kbn_alerting_api_integration_helpers.devdocs.json'; diff --git a/api_docs/kbn_alerting_comparators.mdx b/api_docs/kbn_alerting_comparators.mdx index 675c7c5e4db24..19ff3f819f4eb 100644 --- a/api_docs/kbn_alerting_comparators.mdx +++ b/api_docs/kbn_alerting_comparators.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-alerting-comparators title: "@kbn/alerting-comparators" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/alerting-comparators plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/alerting-comparators'] --- import kbnAlertingComparatorsObj from './kbn_alerting_comparators.devdocs.json'; diff --git a/api_docs/kbn_alerting_state_types.mdx b/api_docs/kbn_alerting_state_types.mdx index abcb5caba8ea8..aefbfa43fedc1 100644 --- a/api_docs/kbn_alerting_state_types.mdx +++ b/api_docs/kbn_alerting_state_types.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-alerting-state-types title: "@kbn/alerting-state-types" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/alerting-state-types plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/alerting-state-types'] --- import kbnAlertingStateTypesObj from './kbn_alerting_state_types.devdocs.json'; diff --git a/api_docs/kbn_alerting_types.mdx b/api_docs/kbn_alerting_types.mdx index 4742e50f6e00d..7f4c4d1754e02 100644 --- a/api_docs/kbn_alerting_types.mdx +++ b/api_docs/kbn_alerting_types.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-alerting-types title: "@kbn/alerting-types" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/alerting-types plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/alerting-types'] --- import kbnAlertingTypesObj from './kbn_alerting_types.devdocs.json'; diff --git a/api_docs/kbn_alerts_as_data_utils.mdx b/api_docs/kbn_alerts_as_data_utils.mdx index 6a9fdc5235ab6..96e8bfd263664 100644 --- a/api_docs/kbn_alerts_as_data_utils.mdx +++ b/api_docs/kbn_alerts_as_data_utils.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-alerts-as-data-utils title: "@kbn/alerts-as-data-utils" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/alerts-as-data-utils plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/alerts-as-data-utils'] --- import kbnAlertsAsDataUtilsObj from './kbn_alerts_as_data_utils.devdocs.json'; diff --git a/api_docs/kbn_alerts_grouping.mdx b/api_docs/kbn_alerts_grouping.mdx index 04fd3b9533b27..3d8d52b82115d 100644 --- a/api_docs/kbn_alerts_grouping.mdx +++ b/api_docs/kbn_alerts_grouping.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-alerts-grouping title: "@kbn/alerts-grouping" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/alerts-grouping plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/alerts-grouping'] --- import kbnAlertsGroupingObj from './kbn_alerts_grouping.devdocs.json'; diff --git a/api_docs/kbn_alerts_ui_shared.devdocs.json b/api_docs/kbn_alerts_ui_shared.devdocs.json index 7202c7bd7bf1e..308237a6694e2 100644 --- a/api_docs/kbn_alerts_ui_shared.devdocs.json +++ b/api_docs/kbn_alerts_ui_shared.devdocs.json @@ -3496,7 +3496,7 @@ "text": "ControlGroupRendererProps" } ], - "path": "src/plugins/controls/public/react_controls/external_api/control_group_renderer_lazy.tsx", + "path": "src/plugins/controls/public/control_group/control_group_renderer/control_group_renderer_lazy.tsx", "deprecated": false, "trackAdoption": false } @@ -5957,14 +5957,6 @@ "section": "def-public.HasEditCapabilities", "text": "HasEditCapabilities" }, - " & ", - { - "pluginId": "@kbn/presentation-publishing", - "scope": "public", - "docId": "kibKbnPresentationPublishingPluginApi", - "section": "def-public.PublishesDataLoading", - "text": "PublishesDataLoading" - }, " & Pick<", { "pluginId": "@kbn/presentation-publishing", @@ -6076,8 +6068,8 @@ "pluginId": "controls", "scope": "common", "docId": "kibControlsPluginApi", - "section": "def-common.ControlStyle", - "text": "ControlStyle" + "section": "def-common.ControlLabelPosition", + "text": "ControlLabelPosition" }, ">; asyncResetUnsavedChanges: () => Promise; controlFetch$: (controlUuid: string) => ", "Observable", diff --git a/api_docs/kbn_alerts_ui_shared.mdx b/api_docs/kbn_alerts_ui_shared.mdx index 7c9340bf0f6d9..d993d7cde041c 100644 --- a/api_docs/kbn_alerts_ui_shared.mdx +++ b/api_docs/kbn_alerts_ui_shared.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-alerts-ui-shared title: "@kbn/alerts-ui-shared" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/alerts-ui-shared plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/alerts-ui-shared'] --- import kbnAlertsUiSharedObj from './kbn_alerts_ui_shared.devdocs.json'; diff --git a/api_docs/kbn_analytics.mdx b/api_docs/kbn_analytics.mdx index da8e66fde28b0..ecf18883e4caa 100644 --- a/api_docs/kbn_analytics.mdx +++ b/api_docs/kbn_analytics.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-analytics title: "@kbn/analytics" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/analytics plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/analytics'] --- import kbnAnalyticsObj from './kbn_analytics.devdocs.json'; diff --git a/api_docs/kbn_analytics_collection_utils.mdx b/api_docs/kbn_analytics_collection_utils.mdx index 4d9eee6838a6a..d418b6c484928 100644 --- a/api_docs/kbn_analytics_collection_utils.mdx +++ b/api_docs/kbn_analytics_collection_utils.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-analytics-collection-utils title: "@kbn/analytics-collection-utils" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/analytics-collection-utils plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/analytics-collection-utils'] --- import kbnAnalyticsCollectionUtilsObj from './kbn_analytics_collection_utils.devdocs.json'; diff --git a/api_docs/kbn_apm_config_loader.mdx b/api_docs/kbn_apm_config_loader.mdx index b2bf5bc09149f..4e2c15838912d 100644 --- a/api_docs/kbn_apm_config_loader.mdx +++ b/api_docs/kbn_apm_config_loader.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-apm-config-loader title: "@kbn/apm-config-loader" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/apm-config-loader plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/apm-config-loader'] --- import kbnApmConfigLoaderObj from './kbn_apm_config_loader.devdocs.json'; diff --git a/api_docs/kbn_apm_data_view.mdx b/api_docs/kbn_apm_data_view.mdx index 213476c2289f4..a8c0305f6150c 100644 --- a/api_docs/kbn_apm_data_view.mdx +++ b/api_docs/kbn_apm_data_view.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-apm-data-view title: "@kbn/apm-data-view" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/apm-data-view plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/apm-data-view'] --- import kbnApmDataViewObj from './kbn_apm_data_view.devdocs.json'; diff --git a/api_docs/kbn_apm_synthtrace.mdx b/api_docs/kbn_apm_synthtrace.mdx index 4aec2fc7a6ab7..7b3e0e5edc359 100644 --- a/api_docs/kbn_apm_synthtrace.mdx +++ b/api_docs/kbn_apm_synthtrace.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-apm-synthtrace title: "@kbn/apm-synthtrace" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/apm-synthtrace plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/apm-synthtrace'] --- import kbnApmSynthtraceObj from './kbn_apm_synthtrace.devdocs.json'; diff --git a/api_docs/kbn_apm_synthtrace_client.mdx b/api_docs/kbn_apm_synthtrace_client.mdx index 95e0d9d7dc2e9..3da033437336b 100644 --- a/api_docs/kbn_apm_synthtrace_client.mdx +++ b/api_docs/kbn_apm_synthtrace_client.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-apm-synthtrace-client title: "@kbn/apm-synthtrace-client" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/apm-synthtrace-client plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/apm-synthtrace-client'] --- import kbnApmSynthtraceClientObj from './kbn_apm_synthtrace_client.devdocs.json'; diff --git a/api_docs/kbn_apm_types.devdocs.json b/api_docs/kbn_apm_types.devdocs.json index cbf59b082dbf3..100d04dd2c450 100644 --- a/api_docs/kbn_apm_types.devdocs.json +++ b/api_docs/kbn_apm_types.devdocs.json @@ -53,7 +53,7 @@ "label": "name", "description": [], "signature": [ - "\"java\" | \"dotnet\" | \"go\" | \"iOS/swift\" | \"js-base\" | \"nodejs\" | \"php\" | \"python\" | \"ruby\" | \"rum-js\" | \"android/java\" | \"otlp\" | \"opentelemetry/cpp\" | \"opentelemetry/dotnet\" | \"opentelemetry/erlang\" | \"opentelemetry/go\" | \"opentelemetry/java\" | \"opentelemetry/nodejs\" | \"opentelemetry/php\" | \"opentelemetry/python\" | \"opentelemetry/ruby\" | \"opentelemetry/rust\" | \"opentelemetry/swift\" | \"opentelemetry/android\" | \"opentelemetry/webjs\"" + "\"java\" | \"opentelemetry\" | \"dotnet\" | \"go\" | \"iOS/swift\" | \"js-base\" | \"nodejs\" | \"php\" | \"python\" | \"ruby\" | \"rum-js\" | \"android/java\" | \"otlp\" | \"opentelemetry/cpp\" | \"opentelemetry/dotnet\" | \"opentelemetry/erlang\" | \"opentelemetry/go\" | \"opentelemetry/java\" | \"opentelemetry/nodejs\" | \"opentelemetry/php\" | \"opentelemetry/python\" | \"opentelemetry/ruby\" | \"opentelemetry/rust\" | \"opentelemetry/swift\" | \"opentelemetry/android\" | \"opentelemetry/webjs\" | \"otlp/cpp\" | \"otlp/dotnet\" | \"otlp/erlang\" | \"otlp/go\" | \"otlp/java\" | \"otlp/nodejs\" | \"otlp/php\" | \"otlp/python\" | \"otlp/ruby\" | \"otlp/rust\" | \"otlp/swift\" | \"otlp/android\" | \"otlp/webjs\" | \"ios/swift\"" ], "path": "packages/kbn-apm-types/src/es_schemas/ui/fields/agent.ts", "deprecated": false, @@ -2678,7 +2678,7 @@ "label": "AgentName", "description": [], "signature": [ - "\"java\" | \"dotnet\" | \"go\" | \"iOS/swift\" | \"js-base\" | \"nodejs\" | \"php\" | \"python\" | \"ruby\" | \"rum-js\" | \"android/java\" | \"otlp\" | \"opentelemetry/cpp\" | \"opentelemetry/dotnet\" | \"opentelemetry/erlang\" | \"opentelemetry/go\" | \"opentelemetry/java\" | \"opentelemetry/nodejs\" | \"opentelemetry/php\" | \"opentelemetry/python\" | \"opentelemetry/ruby\" | \"opentelemetry/rust\" | \"opentelemetry/swift\" | \"opentelemetry/android\" | \"opentelemetry/webjs\"" + "\"java\" | \"opentelemetry\" | \"dotnet\" | \"go\" | \"iOS/swift\" | \"js-base\" | \"nodejs\" | \"php\" | \"python\" | \"ruby\" | \"rum-js\" | \"android/java\" | \"otlp\" | \"opentelemetry/cpp\" | \"opentelemetry/dotnet\" | \"opentelemetry/erlang\" | \"opentelemetry/go\" | \"opentelemetry/java\" | \"opentelemetry/nodejs\" | \"opentelemetry/php\" | \"opentelemetry/python\" | \"opentelemetry/ruby\" | \"opentelemetry/rust\" | \"opentelemetry/swift\" | \"opentelemetry/android\" | \"opentelemetry/webjs\" | \"otlp/cpp\" | \"otlp/dotnet\" | \"otlp/erlang\" | \"otlp/go\" | \"otlp/java\" | \"otlp/nodejs\" | \"otlp/php\" | \"otlp/python\" | \"otlp/ruby\" | \"otlp/rust\" | \"otlp/swift\" | \"otlp/android\" | \"otlp/webjs\" | \"ios/swift\"" ], "path": "packages/kbn-elastic-agent-utils/src/agent_names.ts", "deprecated": false, @@ -4136,7 +4136,7 @@ "label": "OpenTelemetryAgentName", "description": [], "signature": [ - "\"otlp\" | \"opentelemetry/cpp\" | \"opentelemetry/dotnet\" | \"opentelemetry/erlang\" | \"opentelemetry/go\" | \"opentelemetry/java\" | \"opentelemetry/nodejs\" | \"opentelemetry/php\" | \"opentelemetry/python\" | \"opentelemetry/ruby\" | \"opentelemetry/rust\" | \"opentelemetry/swift\" | \"opentelemetry/android\" | \"opentelemetry/webjs\"" + "\"opentelemetry\" | \"otlp\" | \"opentelemetry/cpp\" | \"opentelemetry/dotnet\" | \"opentelemetry/erlang\" | \"opentelemetry/go\" | \"opentelemetry/java\" | \"opentelemetry/nodejs\" | \"opentelemetry/php\" | \"opentelemetry/python\" | \"opentelemetry/ruby\" | \"opentelemetry/rust\" | \"opentelemetry/swift\" | \"opentelemetry/android\" | \"opentelemetry/webjs\" | \"otlp/cpp\" | \"otlp/dotnet\" | \"otlp/erlang\" | \"otlp/go\" | \"otlp/java\" | \"otlp/nodejs\" | \"otlp/php\" | \"otlp/python\" | \"otlp/ruby\" | \"otlp/rust\" | \"otlp/swift\" | \"otlp/android\" | \"otlp/webjs\"" ], "path": "packages/kbn-elastic-agent-utils/src/agent_names.ts", "deprecated": false, diff --git a/api_docs/kbn_apm_types.mdx b/api_docs/kbn_apm_types.mdx index 4137326507734..4d63a2bce4ad9 100644 --- a/api_docs/kbn_apm_types.mdx +++ b/api_docs/kbn_apm_types.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-apm-types title: "@kbn/apm-types" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/apm-types plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/apm-types'] --- import kbnApmTypesObj from './kbn_apm_types.devdocs.json'; diff --git a/api_docs/kbn_apm_utils.mdx b/api_docs/kbn_apm_utils.mdx index 8a8ae8d215191..30568f136c9af 100644 --- a/api_docs/kbn_apm_utils.mdx +++ b/api_docs/kbn_apm_utils.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-apm-utils title: "@kbn/apm-utils" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/apm-utils plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/apm-utils'] --- import kbnApmUtilsObj from './kbn_apm_utils.devdocs.json'; diff --git a/api_docs/kbn_avc_banner.mdx b/api_docs/kbn_avc_banner.mdx index 9b6c7093e3ba7..6914e4d17b2d5 100644 --- a/api_docs/kbn_avc_banner.mdx +++ b/api_docs/kbn_avc_banner.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-avc-banner title: "@kbn/avc-banner" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/avc-banner plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/avc-banner'] --- import kbnAvcBannerObj from './kbn_avc_banner.devdocs.json'; diff --git a/api_docs/kbn_axe_config.mdx b/api_docs/kbn_axe_config.mdx index f9223489c42a5..54fe0e7af796b 100644 --- a/api_docs/kbn_axe_config.mdx +++ b/api_docs/kbn_axe_config.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-axe-config title: "@kbn/axe-config" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/axe-config plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/axe-config'] --- import kbnAxeConfigObj from './kbn_axe_config.devdocs.json'; diff --git a/api_docs/kbn_bfetch_error.mdx b/api_docs/kbn_bfetch_error.mdx index 98d1b165e9ff8..4b3ce4f3b7a0b 100644 --- a/api_docs/kbn_bfetch_error.mdx +++ b/api_docs/kbn_bfetch_error.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-bfetch-error title: "@kbn/bfetch-error" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/bfetch-error plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/bfetch-error'] --- import kbnBfetchErrorObj from './kbn_bfetch_error.devdocs.json'; diff --git a/api_docs/kbn_calculate_auto.mdx b/api_docs/kbn_calculate_auto.mdx index 588c903d7579d..300f6a8b014cd 100644 --- a/api_docs/kbn_calculate_auto.mdx +++ b/api_docs/kbn_calculate_auto.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-calculate-auto title: "@kbn/calculate-auto" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/calculate-auto plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/calculate-auto'] --- import kbnCalculateAutoObj from './kbn_calculate_auto.devdocs.json'; diff --git a/api_docs/kbn_calculate_width_from_char_count.mdx b/api_docs/kbn_calculate_width_from_char_count.mdx index 6754c37c58916..2096ccac4090d 100644 --- a/api_docs/kbn_calculate_width_from_char_count.mdx +++ b/api_docs/kbn_calculate_width_from_char_count.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-calculate-width-from-char-count title: "@kbn/calculate-width-from-char-count" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/calculate-width-from-char-count plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/calculate-width-from-char-count'] --- import kbnCalculateWidthFromCharCountObj from './kbn_calculate_width_from_char_count.devdocs.json'; diff --git a/api_docs/kbn_cases_components.mdx b/api_docs/kbn_cases_components.mdx index fb97731bf3e29..d41720408675d 100644 --- a/api_docs/kbn_cases_components.mdx +++ b/api_docs/kbn_cases_components.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-cases-components title: "@kbn/cases-components" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/cases-components plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/cases-components'] --- import kbnCasesComponentsObj from './kbn_cases_components.devdocs.json'; diff --git a/api_docs/kbn_cbor.mdx b/api_docs/kbn_cbor.mdx index 6dd30ff4a078f..27ac176c8cf32 100644 --- a/api_docs/kbn_cbor.mdx +++ b/api_docs/kbn_cbor.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-cbor title: "@kbn/cbor" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/cbor plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/cbor'] --- import kbnCborObj from './kbn_cbor.devdocs.json'; diff --git a/api_docs/kbn_cell_actions.mdx b/api_docs/kbn_cell_actions.mdx index 476ee7fd63c5c..7c0938d1e26db 100644 --- a/api_docs/kbn_cell_actions.mdx +++ b/api_docs/kbn_cell_actions.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-cell-actions title: "@kbn/cell-actions" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/cell-actions plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/cell-actions'] --- import kbnCellActionsObj from './kbn_cell_actions.devdocs.json'; diff --git a/api_docs/kbn_chart_expressions_common.mdx b/api_docs/kbn_chart_expressions_common.mdx index 3b21310b02e98..9b78eaf259dbe 100644 --- a/api_docs/kbn_chart_expressions_common.mdx +++ b/api_docs/kbn_chart_expressions_common.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-chart-expressions-common title: "@kbn/chart-expressions-common" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/chart-expressions-common plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/chart-expressions-common'] --- import kbnChartExpressionsCommonObj from './kbn_chart_expressions_common.devdocs.json'; diff --git a/api_docs/kbn_chart_icons.mdx b/api_docs/kbn_chart_icons.mdx index ead1c5f59e11a..1eed2b9bc6890 100644 --- a/api_docs/kbn_chart_icons.mdx +++ b/api_docs/kbn_chart_icons.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-chart-icons title: "@kbn/chart-icons" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/chart-icons plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/chart-icons'] --- import kbnChartIconsObj from './kbn_chart_icons.devdocs.json'; diff --git a/api_docs/kbn_ci_stats_core.mdx b/api_docs/kbn_ci_stats_core.mdx index 200a7d481f060..2ed7486db39a2 100644 --- a/api_docs/kbn_ci_stats_core.mdx +++ b/api_docs/kbn_ci_stats_core.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-ci-stats-core title: "@kbn/ci-stats-core" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/ci-stats-core plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/ci-stats-core'] --- import kbnCiStatsCoreObj from './kbn_ci_stats_core.devdocs.json'; diff --git a/api_docs/kbn_ci_stats_performance_metrics.mdx b/api_docs/kbn_ci_stats_performance_metrics.mdx index 4d54a9dea3bac..4b16b5201bcb0 100644 --- a/api_docs/kbn_ci_stats_performance_metrics.mdx +++ b/api_docs/kbn_ci_stats_performance_metrics.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-ci-stats-performance-metrics title: "@kbn/ci-stats-performance-metrics" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/ci-stats-performance-metrics plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/ci-stats-performance-metrics'] --- import kbnCiStatsPerformanceMetricsObj from './kbn_ci_stats_performance_metrics.devdocs.json'; diff --git a/api_docs/kbn_ci_stats_reporter.mdx b/api_docs/kbn_ci_stats_reporter.mdx index f1a36dea79537..3b7a10aba6001 100644 --- a/api_docs/kbn_ci_stats_reporter.mdx +++ b/api_docs/kbn_ci_stats_reporter.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-ci-stats-reporter title: "@kbn/ci-stats-reporter" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/ci-stats-reporter plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/ci-stats-reporter'] --- import kbnCiStatsReporterObj from './kbn_ci_stats_reporter.devdocs.json'; diff --git a/api_docs/kbn_cli_dev_mode.mdx b/api_docs/kbn_cli_dev_mode.mdx index 7c5481c3e699b..9fd6a7e3b867b 100644 --- a/api_docs/kbn_cli_dev_mode.mdx +++ b/api_docs/kbn_cli_dev_mode.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-cli-dev-mode title: "@kbn/cli-dev-mode" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/cli-dev-mode plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/cli-dev-mode'] --- import kbnCliDevModeObj from './kbn_cli_dev_mode.devdocs.json'; diff --git a/api_docs/kbn_cloud_security_posture.mdx b/api_docs/kbn_cloud_security_posture.mdx index 6a3e05c3ea4cc..691626a71a317 100644 --- a/api_docs/kbn_cloud_security_posture.mdx +++ b/api_docs/kbn_cloud_security_posture.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-cloud-security-posture title: "@kbn/cloud-security-posture" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/cloud-security-posture plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/cloud-security-posture'] --- import kbnCloudSecurityPostureObj from './kbn_cloud_security_posture.devdocs.json'; diff --git a/api_docs/kbn_cloud_security_posture_common.devdocs.json b/api_docs/kbn_cloud_security_posture_common.devdocs.json index 6b7bbcb244bf2..bd91ea23fdcc0 100644 --- a/api_docs/kbn_cloud_security_posture_common.devdocs.json +++ b/api_docs/kbn_cloud_security_posture_common.devdocs.json @@ -149,6 +149,41 @@ ], "returnComment": [], "initialIsOpen": false + }, + { + "parentPluginId": "@kbn/cloud-security-posture-common", + "id": "def-common.getAbbreviatedNumber", + "type": "Function", + "tags": [], + "label": "getAbbreviatedNumber", + "description": [ + "\nReturns an abbreviated number when the value is greater than or equal to 1000.\nThe abbreviated number is formatted using numeral:\n- thousand: k\n- million: m\n- billion: b\n- trillion: t" + ], + "signature": [ + "(value: number) => string | number" + ], + "path": "x-pack/packages/kbn-cloud-security-posture-common/utils/get_abbreviated_number.ts", + "deprecated": false, + "trackAdoption": false, + "children": [ + { + "parentPluginId": "@kbn/cloud-security-posture-common", + "id": "def-common.getAbbreviatedNumber.$1", + "type": "number", + "tags": [], + "label": "value", + "description": [], + "signature": [ + "number" + ], + "path": "x-pack/packages/kbn-cloud-security-posture-common/utils/get_abbreviated_number.ts", + "deprecated": false, + "trackAdoption": false, + "isRequired": true + } + ], + "returnComment": [], + "initialIsOpen": false } ], "interfaces": [ @@ -674,6 +709,21 @@ "trackAdoption": false, "initialIsOpen": false }, + { + "parentPluginId": "@kbn/cloud-security-posture-common", + "id": "def-common.CDR_LATEST_NATIVE_VULNERABILITIES_INDEX_PATTERN", + "type": "string", + "tags": [], + "label": "CDR_LATEST_NATIVE_VULNERABILITIES_INDEX_PATTERN", + "description": [], + "signature": [ + "\"logs-cloud_security_posture.vulnerabilities_latest-default\"" + ], + "path": "x-pack/packages/kbn-cloud-security-posture-common/constants.ts", + "deprecated": false, + "trackAdoption": false, + "initialIsOpen": false + }, { "parentPluginId": "@kbn/cloud-security-posture-common", "id": "def-common.CDR_LATEST_THIRD_PARTY_MISCONFIGURATIONS_INDEX_PATTERN", @@ -689,6 +739,21 @@ "trackAdoption": false, "initialIsOpen": false }, + { + "parentPluginId": "@kbn/cloud-security-posture-common", + "id": "def-common.CDR_LATEST_THIRD_PARTY_VULNERABILITIES_INDEX_PATTERN", + "type": "string", + "tags": [], + "label": "CDR_LATEST_THIRD_PARTY_VULNERABILITIES_INDEX_PATTERN", + "description": [], + "signature": [ + "\"security_solution-*.vulnerability_latest\"" + ], + "path": "x-pack/packages/kbn-cloud-security-posture-common/constants.ts", + "deprecated": false, + "trackAdoption": false, + "initialIsOpen": false + }, { "parentPluginId": "@kbn/cloud-security-posture-common", "id": "def-common.CDR_MISCONFIGURATIONS_DATA_VIEW_ID_PREFIX", @@ -731,6 +796,18 @@ "trackAdoption": false, "initialIsOpen": false }, + { + "parentPluginId": "@kbn/cloud-security-posture-common", + "id": "def-common.CDR_VULNERABILITIES_INDEX_PATTERN", + "type": "string", + "tags": [], + "label": "CDR_VULNERABILITIES_INDEX_PATTERN", + "description": [], + "path": "x-pack/packages/kbn-cloud-security-posture-common/constants.ts", + "deprecated": false, + "trackAdoption": false, + "initialIsOpen": false + }, { "parentPluginId": "@kbn/cloud-security-posture-common", "id": "def-common.CLOUD_SECURITY_POSTURE_BASE_PATH", @@ -874,6 +951,21 @@ "trackAdoption": false, "initialIsOpen": false }, + { + "parentPluginId": "@kbn/cloud-security-posture-common", + "id": "def-common.LATEST_VULNERABILITIES_RETENTION_POLICY", + "type": "string", + "tags": [], + "label": "LATEST_VULNERABILITIES_RETENTION_POLICY", + "description": [], + "signature": [ + "\"3d\"" + ], + "path": "x-pack/packages/kbn-cloud-security-posture-common/constants.ts", + "deprecated": false, + "trackAdoption": false, + "initialIsOpen": false + }, { "parentPluginId": "@kbn/cloud-security-posture-common", "id": "def-common.MAX_FINDINGS_TO_LOAD", @@ -933,6 +1025,21 @@ "deprecated": false, "trackAdoption": false, "initialIsOpen": false + }, + { + "parentPluginId": "@kbn/cloud-security-posture-common", + "id": "def-common.VulnSeverity", + "type": "Type", + "tags": [], + "label": "VulnSeverity", + "description": [], + "signature": [ + "\"UNKNOWN\" | \"LOW\" | \"MEDIUM\" | \"HIGH\" | \"CRITICAL\"" + ], + "path": "x-pack/packages/kbn-cloud-security-posture-common/types/vulnerabilities.ts", + "deprecated": false, + "trackAdoption": false, + "initialIsOpen": false } ], "objects": [] diff --git a/api_docs/kbn_cloud_security_posture_common.mdx b/api_docs/kbn_cloud_security_posture_common.mdx index 7334cb8826fa7..17eb8b25275aa 100644 --- a/api_docs/kbn_cloud_security_posture_common.mdx +++ b/api_docs/kbn_cloud_security_posture_common.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-cloud-security-posture-common title: "@kbn/cloud-security-posture-common" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/cloud-security-posture-common plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/cloud-security-posture-common'] --- import kbnCloudSecurityPostureCommonObj from './kbn_cloud_security_posture_common.devdocs.json'; @@ -21,7 +21,7 @@ Contact [@elastic/kibana-cloud-security-posture](https://github.com/orgs/elastic | Public API count | Any count | Items lacking comments | Missing exports | |-------------------|-----------|------------------------|-----------------| -| 61 | 0 | 60 | 0 | +| 68 | 0 | 66 | 0 | ## Common diff --git a/api_docs/kbn_code_editor.mdx b/api_docs/kbn_code_editor.mdx index 3f024fe6002c0..82682a7f71edb 100644 --- a/api_docs/kbn_code_editor.mdx +++ b/api_docs/kbn_code_editor.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-code-editor title: "@kbn/code-editor" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/code-editor plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/code-editor'] --- import kbnCodeEditorObj from './kbn_code_editor.devdocs.json'; diff --git a/api_docs/kbn_code_editor_mock.mdx b/api_docs/kbn_code_editor_mock.mdx index 5fcccb2c79a57..e783fcab60b15 100644 --- a/api_docs/kbn_code_editor_mock.mdx +++ b/api_docs/kbn_code_editor_mock.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-code-editor-mock title: "@kbn/code-editor-mock" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/code-editor-mock plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/code-editor-mock'] --- import kbnCodeEditorMockObj from './kbn_code_editor_mock.devdocs.json'; diff --git a/api_docs/kbn_code_owners.devdocs.json b/api_docs/kbn_code_owners.devdocs.json index f36c551502821..8a9168cad1d76 100644 --- a/api_docs/kbn_code_owners.devdocs.json +++ b/api_docs/kbn_code_owners.devdocs.json @@ -114,6 +114,25 @@ "children": [], "returnComment": [], "initialIsOpen": false + }, + { + "parentPluginId": "@kbn/code-owners", + "id": "def-common.runGetOwnersForFileCli", + "type": "Function", + "tags": [], + "label": "runGetOwnersForFileCli", + "description": [ + "\nRun the getCodeOwnersForFile() method above.\nReport back to the cli with either success and the owner(s), or a failure.\n\nThis function depends on a --file param being passed on the cli, like this:\n$ node scripts/get_owners_for_file.js --file SOME-FILE" + ], + "signature": [ + "() => Promise" + ], + "path": "packages/kbn-code-owners/src/file_code_owner.ts", + "deprecated": false, + "trackAdoption": false, + "children": [], + "returnComment": [], + "initialIsOpen": false } ], "interfaces": [ diff --git a/api_docs/kbn_code_owners.mdx b/api_docs/kbn_code_owners.mdx index d5d85aa90baa2..cad5babc102ce 100644 --- a/api_docs/kbn_code_owners.mdx +++ b/api_docs/kbn_code_owners.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-code-owners title: "@kbn/code-owners" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/code-owners plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/code-owners'] --- import kbnCodeOwnersObj from './kbn_code_owners.devdocs.json'; @@ -21,7 +21,7 @@ Contact [@elastic/appex-qa](https://github.com/orgs/elastic/teams/appex-qa) for | Public API count | Any count | Items lacking comments | Missing exports | |-------------------|-----------|------------------------|-----------------| -| 8 | 0 | 4 | 0 | +| 9 | 0 | 4 | 0 | ## Common diff --git a/api_docs/kbn_coloring.mdx b/api_docs/kbn_coloring.mdx index a97d123a5c655..e2c8154445726 100644 --- a/api_docs/kbn_coloring.mdx +++ b/api_docs/kbn_coloring.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-coloring title: "@kbn/coloring" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/coloring plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/coloring'] --- import kbnColoringObj from './kbn_coloring.devdocs.json'; diff --git a/api_docs/kbn_config.mdx b/api_docs/kbn_config.mdx index 316f68651ad0e..b0a57f489dd65 100644 --- a/api_docs/kbn_config.mdx +++ b/api_docs/kbn_config.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-config title: "@kbn/config" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/config plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/config'] --- import kbnConfigObj from './kbn_config.devdocs.json'; diff --git a/api_docs/kbn_config_mocks.mdx b/api_docs/kbn_config_mocks.mdx index eff871690ddcb..b07591481d449 100644 --- a/api_docs/kbn_config_mocks.mdx +++ b/api_docs/kbn_config_mocks.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-config-mocks title: "@kbn/config-mocks" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/config-mocks plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/config-mocks'] --- import kbnConfigMocksObj from './kbn_config_mocks.devdocs.json'; diff --git a/api_docs/kbn_config_schema.mdx b/api_docs/kbn_config_schema.mdx index fb0de4bf1a57a..9613201257629 100644 --- a/api_docs/kbn_config_schema.mdx +++ b/api_docs/kbn_config_schema.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-config-schema title: "@kbn/config-schema" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/config-schema plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/config-schema'] --- import kbnConfigSchemaObj from './kbn_config_schema.devdocs.json'; diff --git a/api_docs/kbn_content_management_content_editor.mdx b/api_docs/kbn_content_management_content_editor.mdx index e251986021604..fba75dfb37d0b 100644 --- a/api_docs/kbn_content_management_content_editor.mdx +++ b/api_docs/kbn_content_management_content_editor.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-content-management-content-editor title: "@kbn/content-management-content-editor" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/content-management-content-editor plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/content-management-content-editor'] --- import kbnContentManagementContentEditorObj from './kbn_content_management_content_editor.devdocs.json'; diff --git a/api_docs/kbn_content_management_content_insights_public.mdx b/api_docs/kbn_content_management_content_insights_public.mdx index 14e5040833d45..acfd3607beeb1 100644 --- a/api_docs/kbn_content_management_content_insights_public.mdx +++ b/api_docs/kbn_content_management_content_insights_public.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-content-management-content-insights-public title: "@kbn/content-management-content-insights-public" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/content-management-content-insights-public plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/content-management-content-insights-public'] --- import kbnContentManagementContentInsightsPublicObj from './kbn_content_management_content_insights_public.devdocs.json'; diff --git a/api_docs/kbn_content_management_content_insights_server.mdx b/api_docs/kbn_content_management_content_insights_server.mdx index b13f823d9baa1..96948fd3e472a 100644 --- a/api_docs/kbn_content_management_content_insights_server.mdx +++ b/api_docs/kbn_content_management_content_insights_server.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-content-management-content-insights-server title: "@kbn/content-management-content-insights-server" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/content-management-content-insights-server plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/content-management-content-insights-server'] --- import kbnContentManagementContentInsightsServerObj from './kbn_content_management_content_insights_server.devdocs.json'; diff --git a/api_docs/kbn_content_management_favorites_public.mdx b/api_docs/kbn_content_management_favorites_public.mdx index 181459e4b9f89..a8097901e5762 100644 --- a/api_docs/kbn_content_management_favorites_public.mdx +++ b/api_docs/kbn_content_management_favorites_public.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-content-management-favorites-public title: "@kbn/content-management-favorites-public" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/content-management-favorites-public plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/content-management-favorites-public'] --- import kbnContentManagementFavoritesPublicObj from './kbn_content_management_favorites_public.devdocs.json'; diff --git a/api_docs/kbn_content_management_favorites_server.mdx b/api_docs/kbn_content_management_favorites_server.mdx index 031601f15e157..30bb73888d630 100644 --- a/api_docs/kbn_content_management_favorites_server.mdx +++ b/api_docs/kbn_content_management_favorites_server.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-content-management-favorites-server title: "@kbn/content-management-favorites-server" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/content-management-favorites-server plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/content-management-favorites-server'] --- import kbnContentManagementFavoritesServerObj from './kbn_content_management_favorites_server.devdocs.json'; diff --git a/api_docs/kbn_content_management_tabbed_table_list_view.mdx b/api_docs/kbn_content_management_tabbed_table_list_view.mdx index a3f34cfe9f32b..d51ad9435f37c 100644 --- a/api_docs/kbn_content_management_tabbed_table_list_view.mdx +++ b/api_docs/kbn_content_management_tabbed_table_list_view.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-content-management-tabbed-table-list-view title: "@kbn/content-management-tabbed-table-list-view" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/content-management-tabbed-table-list-view plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/content-management-tabbed-table-list-view'] --- import kbnContentManagementTabbedTableListViewObj from './kbn_content_management_tabbed_table_list_view.devdocs.json'; diff --git a/api_docs/kbn_content_management_table_list_view.mdx b/api_docs/kbn_content_management_table_list_view.mdx index 71ff10f2487b2..c25636de5b881 100644 --- a/api_docs/kbn_content_management_table_list_view.mdx +++ b/api_docs/kbn_content_management_table_list_view.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-content-management-table-list-view title: "@kbn/content-management-table-list-view" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/content-management-table-list-view plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/content-management-table-list-view'] --- import kbnContentManagementTableListViewObj from './kbn_content_management_table_list_view.devdocs.json'; diff --git a/api_docs/kbn_content_management_table_list_view_common.mdx b/api_docs/kbn_content_management_table_list_view_common.mdx index 20063a8e6fc8f..8cec9381c2e09 100644 --- a/api_docs/kbn_content_management_table_list_view_common.mdx +++ b/api_docs/kbn_content_management_table_list_view_common.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-content-management-table-list-view-common title: "@kbn/content-management-table-list-view-common" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/content-management-table-list-view-common plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/content-management-table-list-view-common'] --- import kbnContentManagementTableListViewCommonObj from './kbn_content_management_table_list_view_common.devdocs.json'; diff --git a/api_docs/kbn_content_management_table_list_view_table.mdx b/api_docs/kbn_content_management_table_list_view_table.mdx index b6ca456166c8b..cefa6049ed1f2 100644 --- a/api_docs/kbn_content_management_table_list_view_table.mdx +++ b/api_docs/kbn_content_management_table_list_view_table.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-content-management-table-list-view-table title: "@kbn/content-management-table-list-view-table" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/content-management-table-list-view-table plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/content-management-table-list-view-table'] --- import kbnContentManagementTableListViewTableObj from './kbn_content_management_table_list_view_table.devdocs.json'; diff --git a/api_docs/kbn_content_management_user_profiles.mdx b/api_docs/kbn_content_management_user_profiles.mdx index c66cf7b6c02f7..f2787cb616266 100644 --- a/api_docs/kbn_content_management_user_profiles.mdx +++ b/api_docs/kbn_content_management_user_profiles.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-content-management-user-profiles title: "@kbn/content-management-user-profiles" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/content-management-user-profiles plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/content-management-user-profiles'] --- import kbnContentManagementUserProfilesObj from './kbn_content_management_user_profiles.devdocs.json'; diff --git a/api_docs/kbn_content_management_utils.mdx b/api_docs/kbn_content_management_utils.mdx index bac450f0a6adc..18200b9f8e0b2 100644 --- a/api_docs/kbn_content_management_utils.mdx +++ b/api_docs/kbn_content_management_utils.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-content-management-utils title: "@kbn/content-management-utils" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/content-management-utils plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/content-management-utils'] --- import kbnContentManagementUtilsObj from './kbn_content_management_utils.devdocs.json'; diff --git a/api_docs/kbn_core_analytics_browser.devdocs.json b/api_docs/kbn_core_analytics_browser.devdocs.json index c72c8e37bd6b3..8b02dae4fa8ca 100644 --- a/api_docs/kbn_core_analytics_browser.devdocs.json +++ b/api_docs/kbn_core_analytics_browser.devdocs.json @@ -986,6 +986,10 @@ "plugin": "apm", "path": "x-pack/plugins/observability_solution/apm/public/services/telemetry/telemetry_client.ts" }, + { + "plugin": "inventory", + "path": "x-pack/plugins/observability_solution/inventory/public/services/telemetry/telemetry_client.ts" + }, { "plugin": "observabilityLogsExplorer", "path": "x-pack/plugins/observability_solution/observability_logs_explorer/public/state_machines/observability_logs_explorer/src/telemetry_events.ts" @@ -1282,6 +1286,14 @@ "plugin": "infra", "path": "x-pack/plugins/observability_solution/infra/public/services/telemetry/telemetry_service.test.ts" }, + { + "plugin": "inventory", + "path": "x-pack/plugins/observability_solution/inventory/public/services/telemetry/telemetry_service.test.ts" + }, + { + "plugin": "inventory", + "path": "x-pack/plugins/observability_solution/inventory/public/services/telemetry/telemetry_service.test.ts" + }, { "plugin": "securitySolution", "path": "x-pack/plugins/security_solution/public/common/lib/telemetry/telemetry_service.test.ts" diff --git a/api_docs/kbn_core_analytics_browser.mdx b/api_docs/kbn_core_analytics_browser.mdx index 7a1b68c7962d2..3df1a69e6174e 100644 --- a/api_docs/kbn_core_analytics_browser.mdx +++ b/api_docs/kbn_core_analytics_browser.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-analytics-browser title: "@kbn/core-analytics-browser" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-analytics-browser plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-analytics-browser'] --- import kbnCoreAnalyticsBrowserObj from './kbn_core_analytics_browser.devdocs.json'; diff --git a/api_docs/kbn_core_analytics_browser_internal.mdx b/api_docs/kbn_core_analytics_browser_internal.mdx index cb5d8d997202e..c96b5e320ab6b 100644 --- a/api_docs/kbn_core_analytics_browser_internal.mdx +++ b/api_docs/kbn_core_analytics_browser_internal.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-analytics-browser-internal title: "@kbn/core-analytics-browser-internal" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-analytics-browser-internal plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-analytics-browser-internal'] --- import kbnCoreAnalyticsBrowserInternalObj from './kbn_core_analytics_browser_internal.devdocs.json'; diff --git a/api_docs/kbn_core_analytics_browser_mocks.mdx b/api_docs/kbn_core_analytics_browser_mocks.mdx index 5e7b27d425a17..f4f858e5b2d7a 100644 --- a/api_docs/kbn_core_analytics_browser_mocks.mdx +++ b/api_docs/kbn_core_analytics_browser_mocks.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-analytics-browser-mocks title: "@kbn/core-analytics-browser-mocks" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-analytics-browser-mocks plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-analytics-browser-mocks'] --- import kbnCoreAnalyticsBrowserMocksObj from './kbn_core_analytics_browser_mocks.devdocs.json'; diff --git a/api_docs/kbn_core_analytics_server.devdocs.json b/api_docs/kbn_core_analytics_server.devdocs.json index 634566ac17f0b..d6c06f0d5d20c 100644 --- a/api_docs/kbn_core_analytics_server.devdocs.json +++ b/api_docs/kbn_core_analytics_server.devdocs.json @@ -994,6 +994,10 @@ "plugin": "apm", "path": "x-pack/plugins/observability_solution/apm/public/services/telemetry/telemetry_client.ts" }, + { + "plugin": "inventory", + "path": "x-pack/plugins/observability_solution/inventory/public/services/telemetry/telemetry_client.ts" + }, { "plugin": "observabilityLogsExplorer", "path": "x-pack/plugins/observability_solution/observability_logs_explorer/public/state_machines/observability_logs_explorer/src/telemetry_events.ts" @@ -1290,6 +1294,14 @@ "plugin": "infra", "path": "x-pack/plugins/observability_solution/infra/public/services/telemetry/telemetry_service.test.ts" }, + { + "plugin": "inventory", + "path": "x-pack/plugins/observability_solution/inventory/public/services/telemetry/telemetry_service.test.ts" + }, + { + "plugin": "inventory", + "path": "x-pack/plugins/observability_solution/inventory/public/services/telemetry/telemetry_service.test.ts" + }, { "plugin": "securitySolution", "path": "x-pack/plugins/security_solution/public/common/lib/telemetry/telemetry_service.test.ts" diff --git a/api_docs/kbn_core_analytics_server.mdx b/api_docs/kbn_core_analytics_server.mdx index 4acd9706c8dc7..16f5d3717632a 100644 --- a/api_docs/kbn_core_analytics_server.mdx +++ b/api_docs/kbn_core_analytics_server.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-analytics-server title: "@kbn/core-analytics-server" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-analytics-server plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-analytics-server'] --- import kbnCoreAnalyticsServerObj from './kbn_core_analytics_server.devdocs.json'; diff --git a/api_docs/kbn_core_analytics_server_internal.mdx b/api_docs/kbn_core_analytics_server_internal.mdx index 2a39947efb85d..a5cf641e919f3 100644 --- a/api_docs/kbn_core_analytics_server_internal.mdx +++ b/api_docs/kbn_core_analytics_server_internal.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-analytics-server-internal title: "@kbn/core-analytics-server-internal" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-analytics-server-internal plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-analytics-server-internal'] --- import kbnCoreAnalyticsServerInternalObj from './kbn_core_analytics_server_internal.devdocs.json'; diff --git a/api_docs/kbn_core_analytics_server_mocks.mdx b/api_docs/kbn_core_analytics_server_mocks.mdx index 84cddad68307a..60be05ba7e737 100644 --- a/api_docs/kbn_core_analytics_server_mocks.mdx +++ b/api_docs/kbn_core_analytics_server_mocks.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-analytics-server-mocks title: "@kbn/core-analytics-server-mocks" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-analytics-server-mocks plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-analytics-server-mocks'] --- import kbnCoreAnalyticsServerMocksObj from './kbn_core_analytics_server_mocks.devdocs.json'; diff --git a/api_docs/kbn_core_application_browser.mdx b/api_docs/kbn_core_application_browser.mdx index 6d01e985756c2..be42486b562d4 100644 --- a/api_docs/kbn_core_application_browser.mdx +++ b/api_docs/kbn_core_application_browser.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-application-browser title: "@kbn/core-application-browser" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-application-browser plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-application-browser'] --- import kbnCoreApplicationBrowserObj from './kbn_core_application_browser.devdocs.json'; diff --git a/api_docs/kbn_core_application_browser_internal.mdx b/api_docs/kbn_core_application_browser_internal.mdx index b1e90a921ee2e..205a250d1930f 100644 --- a/api_docs/kbn_core_application_browser_internal.mdx +++ b/api_docs/kbn_core_application_browser_internal.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-application-browser-internal title: "@kbn/core-application-browser-internal" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-application-browser-internal plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-application-browser-internal'] --- import kbnCoreApplicationBrowserInternalObj from './kbn_core_application_browser_internal.devdocs.json'; diff --git a/api_docs/kbn_core_application_browser_mocks.mdx b/api_docs/kbn_core_application_browser_mocks.mdx index ea52f7ac98ac5..c41a646fe5221 100644 --- a/api_docs/kbn_core_application_browser_mocks.mdx +++ b/api_docs/kbn_core_application_browser_mocks.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-application-browser-mocks title: "@kbn/core-application-browser-mocks" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-application-browser-mocks plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-application-browser-mocks'] --- import kbnCoreApplicationBrowserMocksObj from './kbn_core_application_browser_mocks.devdocs.json'; diff --git a/api_docs/kbn_core_application_common.mdx b/api_docs/kbn_core_application_common.mdx index 7592d46c44d91..199985afc9f9d 100644 --- a/api_docs/kbn_core_application_common.mdx +++ b/api_docs/kbn_core_application_common.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-application-common title: "@kbn/core-application-common" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-application-common plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-application-common'] --- import kbnCoreApplicationCommonObj from './kbn_core_application_common.devdocs.json'; diff --git a/api_docs/kbn_core_apps_browser_internal.mdx b/api_docs/kbn_core_apps_browser_internal.mdx index 4517d56c2cae8..119ac3ed0c04d 100644 --- a/api_docs/kbn_core_apps_browser_internal.mdx +++ b/api_docs/kbn_core_apps_browser_internal.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-apps-browser-internal title: "@kbn/core-apps-browser-internal" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-apps-browser-internal plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-apps-browser-internal'] --- import kbnCoreAppsBrowserInternalObj from './kbn_core_apps_browser_internal.devdocs.json'; diff --git a/api_docs/kbn_core_apps_browser_mocks.mdx b/api_docs/kbn_core_apps_browser_mocks.mdx index ac780c469f578..782e77c9ce722 100644 --- a/api_docs/kbn_core_apps_browser_mocks.mdx +++ b/api_docs/kbn_core_apps_browser_mocks.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-apps-browser-mocks title: "@kbn/core-apps-browser-mocks" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-apps-browser-mocks plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-apps-browser-mocks'] --- import kbnCoreAppsBrowserMocksObj from './kbn_core_apps_browser_mocks.devdocs.json'; diff --git a/api_docs/kbn_core_apps_server_internal.mdx b/api_docs/kbn_core_apps_server_internal.mdx index 259acec5dbf7d..5d999e66afed4 100644 --- a/api_docs/kbn_core_apps_server_internal.mdx +++ b/api_docs/kbn_core_apps_server_internal.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-apps-server-internal title: "@kbn/core-apps-server-internal" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-apps-server-internal plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-apps-server-internal'] --- import kbnCoreAppsServerInternalObj from './kbn_core_apps_server_internal.devdocs.json'; diff --git a/api_docs/kbn_core_base_browser_mocks.mdx b/api_docs/kbn_core_base_browser_mocks.mdx index 377361544894d..6261ffe7253f4 100644 --- a/api_docs/kbn_core_base_browser_mocks.mdx +++ b/api_docs/kbn_core_base_browser_mocks.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-base-browser-mocks title: "@kbn/core-base-browser-mocks" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-base-browser-mocks plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-base-browser-mocks'] --- import kbnCoreBaseBrowserMocksObj from './kbn_core_base_browser_mocks.devdocs.json'; diff --git a/api_docs/kbn_core_base_common.mdx b/api_docs/kbn_core_base_common.mdx index 1f48fa8edd8e4..83a086198b20e 100644 --- a/api_docs/kbn_core_base_common.mdx +++ b/api_docs/kbn_core_base_common.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-base-common title: "@kbn/core-base-common" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-base-common plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-base-common'] --- import kbnCoreBaseCommonObj from './kbn_core_base_common.devdocs.json'; diff --git a/api_docs/kbn_core_base_server_internal.mdx b/api_docs/kbn_core_base_server_internal.mdx index 650218656579e..9711ba19a7bd6 100644 --- a/api_docs/kbn_core_base_server_internal.mdx +++ b/api_docs/kbn_core_base_server_internal.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-base-server-internal title: "@kbn/core-base-server-internal" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-base-server-internal plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-base-server-internal'] --- import kbnCoreBaseServerInternalObj from './kbn_core_base_server_internal.devdocs.json'; diff --git a/api_docs/kbn_core_base_server_mocks.mdx b/api_docs/kbn_core_base_server_mocks.mdx index 1eda1d4eb249f..1755fb65da97b 100644 --- a/api_docs/kbn_core_base_server_mocks.mdx +++ b/api_docs/kbn_core_base_server_mocks.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-base-server-mocks title: "@kbn/core-base-server-mocks" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-base-server-mocks plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-base-server-mocks'] --- import kbnCoreBaseServerMocksObj from './kbn_core_base_server_mocks.devdocs.json'; diff --git a/api_docs/kbn_core_capabilities_browser_mocks.mdx b/api_docs/kbn_core_capabilities_browser_mocks.mdx index 198be3abd86c0..f526e3e0e4647 100644 --- a/api_docs/kbn_core_capabilities_browser_mocks.mdx +++ b/api_docs/kbn_core_capabilities_browser_mocks.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-capabilities-browser-mocks title: "@kbn/core-capabilities-browser-mocks" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-capabilities-browser-mocks plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-capabilities-browser-mocks'] --- import kbnCoreCapabilitiesBrowserMocksObj from './kbn_core_capabilities_browser_mocks.devdocs.json'; diff --git a/api_docs/kbn_core_capabilities_common.mdx b/api_docs/kbn_core_capabilities_common.mdx index 4aa6567baad3c..29da7fdc03769 100644 --- a/api_docs/kbn_core_capabilities_common.mdx +++ b/api_docs/kbn_core_capabilities_common.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-capabilities-common title: "@kbn/core-capabilities-common" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-capabilities-common plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-capabilities-common'] --- import kbnCoreCapabilitiesCommonObj from './kbn_core_capabilities_common.devdocs.json'; diff --git a/api_docs/kbn_core_capabilities_server.mdx b/api_docs/kbn_core_capabilities_server.mdx index c950f1b7a7191..4701a1361bc4e 100644 --- a/api_docs/kbn_core_capabilities_server.mdx +++ b/api_docs/kbn_core_capabilities_server.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-capabilities-server title: "@kbn/core-capabilities-server" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-capabilities-server plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-capabilities-server'] --- import kbnCoreCapabilitiesServerObj from './kbn_core_capabilities_server.devdocs.json'; diff --git a/api_docs/kbn_core_capabilities_server_mocks.mdx b/api_docs/kbn_core_capabilities_server_mocks.mdx index 3f238d298c2a1..4a42206bfddd4 100644 --- a/api_docs/kbn_core_capabilities_server_mocks.mdx +++ b/api_docs/kbn_core_capabilities_server_mocks.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-capabilities-server-mocks title: "@kbn/core-capabilities-server-mocks" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-capabilities-server-mocks plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-capabilities-server-mocks'] --- import kbnCoreCapabilitiesServerMocksObj from './kbn_core_capabilities_server_mocks.devdocs.json'; diff --git a/api_docs/kbn_core_chrome_browser.mdx b/api_docs/kbn_core_chrome_browser.mdx index 22ed0d01a4ef8..f91ce095a8381 100644 --- a/api_docs/kbn_core_chrome_browser.mdx +++ b/api_docs/kbn_core_chrome_browser.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-chrome-browser title: "@kbn/core-chrome-browser" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-chrome-browser plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-chrome-browser'] --- import kbnCoreChromeBrowserObj from './kbn_core_chrome_browser.devdocs.json'; diff --git a/api_docs/kbn_core_chrome_browser_mocks.mdx b/api_docs/kbn_core_chrome_browser_mocks.mdx index 958672b179546..ee61bc9c6a7eb 100644 --- a/api_docs/kbn_core_chrome_browser_mocks.mdx +++ b/api_docs/kbn_core_chrome_browser_mocks.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-chrome-browser-mocks title: "@kbn/core-chrome-browser-mocks" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-chrome-browser-mocks plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-chrome-browser-mocks'] --- import kbnCoreChromeBrowserMocksObj from './kbn_core_chrome_browser_mocks.devdocs.json'; diff --git a/api_docs/kbn_core_config_server_internal.mdx b/api_docs/kbn_core_config_server_internal.mdx index 958990ac4bb65..b7668081d4ee3 100644 --- a/api_docs/kbn_core_config_server_internal.mdx +++ b/api_docs/kbn_core_config_server_internal.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-config-server-internal title: "@kbn/core-config-server-internal" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-config-server-internal plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-config-server-internal'] --- import kbnCoreConfigServerInternalObj from './kbn_core_config_server_internal.devdocs.json'; diff --git a/api_docs/kbn_core_custom_branding_browser.mdx b/api_docs/kbn_core_custom_branding_browser.mdx index 962a02901fff0..e48e917415d0b 100644 --- a/api_docs/kbn_core_custom_branding_browser.mdx +++ b/api_docs/kbn_core_custom_branding_browser.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-custom-branding-browser title: "@kbn/core-custom-branding-browser" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-custom-branding-browser plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-custom-branding-browser'] --- import kbnCoreCustomBrandingBrowserObj from './kbn_core_custom_branding_browser.devdocs.json'; diff --git a/api_docs/kbn_core_custom_branding_browser_internal.mdx b/api_docs/kbn_core_custom_branding_browser_internal.mdx index e93c3ad050de8..95cf740feff7a 100644 --- a/api_docs/kbn_core_custom_branding_browser_internal.mdx +++ b/api_docs/kbn_core_custom_branding_browser_internal.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-custom-branding-browser-internal title: "@kbn/core-custom-branding-browser-internal" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-custom-branding-browser-internal plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-custom-branding-browser-internal'] --- import kbnCoreCustomBrandingBrowserInternalObj from './kbn_core_custom_branding_browser_internal.devdocs.json'; diff --git a/api_docs/kbn_core_custom_branding_browser_mocks.mdx b/api_docs/kbn_core_custom_branding_browser_mocks.mdx index 75c036a31bf71..9ceacd82ea55f 100644 --- a/api_docs/kbn_core_custom_branding_browser_mocks.mdx +++ b/api_docs/kbn_core_custom_branding_browser_mocks.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-custom-branding-browser-mocks title: "@kbn/core-custom-branding-browser-mocks" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-custom-branding-browser-mocks plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-custom-branding-browser-mocks'] --- import kbnCoreCustomBrandingBrowserMocksObj from './kbn_core_custom_branding_browser_mocks.devdocs.json'; diff --git a/api_docs/kbn_core_custom_branding_common.mdx b/api_docs/kbn_core_custom_branding_common.mdx index 885e6d9b699ca..3022568b2d394 100644 --- a/api_docs/kbn_core_custom_branding_common.mdx +++ b/api_docs/kbn_core_custom_branding_common.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-custom-branding-common title: "@kbn/core-custom-branding-common" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-custom-branding-common plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-custom-branding-common'] --- import kbnCoreCustomBrandingCommonObj from './kbn_core_custom_branding_common.devdocs.json'; diff --git a/api_docs/kbn_core_custom_branding_server.mdx b/api_docs/kbn_core_custom_branding_server.mdx index 8378a47454f06..b38405d330388 100644 --- a/api_docs/kbn_core_custom_branding_server.mdx +++ b/api_docs/kbn_core_custom_branding_server.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-custom-branding-server title: "@kbn/core-custom-branding-server" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-custom-branding-server plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-custom-branding-server'] --- import kbnCoreCustomBrandingServerObj from './kbn_core_custom_branding_server.devdocs.json'; diff --git a/api_docs/kbn_core_custom_branding_server_internal.mdx b/api_docs/kbn_core_custom_branding_server_internal.mdx index 029a69b1f9482..81f3b6504ecac 100644 --- a/api_docs/kbn_core_custom_branding_server_internal.mdx +++ b/api_docs/kbn_core_custom_branding_server_internal.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-custom-branding-server-internal title: "@kbn/core-custom-branding-server-internal" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-custom-branding-server-internal plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-custom-branding-server-internal'] --- import kbnCoreCustomBrandingServerInternalObj from './kbn_core_custom_branding_server_internal.devdocs.json'; diff --git a/api_docs/kbn_core_custom_branding_server_mocks.mdx b/api_docs/kbn_core_custom_branding_server_mocks.mdx index 3faea73eb0892..949467426e44f 100644 --- a/api_docs/kbn_core_custom_branding_server_mocks.mdx +++ b/api_docs/kbn_core_custom_branding_server_mocks.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-custom-branding-server-mocks title: "@kbn/core-custom-branding-server-mocks" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-custom-branding-server-mocks plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-custom-branding-server-mocks'] --- import kbnCoreCustomBrandingServerMocksObj from './kbn_core_custom_branding_server_mocks.devdocs.json'; diff --git a/api_docs/kbn_core_deprecations_browser.mdx b/api_docs/kbn_core_deprecations_browser.mdx index 95eeca208f028..27fa7e7ad6f52 100644 --- a/api_docs/kbn_core_deprecations_browser.mdx +++ b/api_docs/kbn_core_deprecations_browser.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-deprecations-browser title: "@kbn/core-deprecations-browser" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-deprecations-browser plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-deprecations-browser'] --- import kbnCoreDeprecationsBrowserObj from './kbn_core_deprecations_browser.devdocs.json'; diff --git a/api_docs/kbn_core_deprecations_browser_internal.mdx b/api_docs/kbn_core_deprecations_browser_internal.mdx index 8809e0da44586..0ce1fe6cab123 100644 --- a/api_docs/kbn_core_deprecations_browser_internal.mdx +++ b/api_docs/kbn_core_deprecations_browser_internal.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-deprecations-browser-internal title: "@kbn/core-deprecations-browser-internal" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-deprecations-browser-internal plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-deprecations-browser-internal'] --- import kbnCoreDeprecationsBrowserInternalObj from './kbn_core_deprecations_browser_internal.devdocs.json'; diff --git a/api_docs/kbn_core_deprecations_browser_mocks.mdx b/api_docs/kbn_core_deprecations_browser_mocks.mdx index 19eba63961e04..7823847efc55e 100644 --- a/api_docs/kbn_core_deprecations_browser_mocks.mdx +++ b/api_docs/kbn_core_deprecations_browser_mocks.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-deprecations-browser-mocks title: "@kbn/core-deprecations-browser-mocks" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-deprecations-browser-mocks plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-deprecations-browser-mocks'] --- import kbnCoreDeprecationsBrowserMocksObj from './kbn_core_deprecations_browser_mocks.devdocs.json'; diff --git a/api_docs/kbn_core_deprecations_common.mdx b/api_docs/kbn_core_deprecations_common.mdx index 7138342511f2a..2ca1a9a5995d7 100644 --- a/api_docs/kbn_core_deprecations_common.mdx +++ b/api_docs/kbn_core_deprecations_common.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-deprecations-common title: "@kbn/core-deprecations-common" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-deprecations-common plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-deprecations-common'] --- import kbnCoreDeprecationsCommonObj from './kbn_core_deprecations_common.devdocs.json'; diff --git a/api_docs/kbn_core_deprecations_server.mdx b/api_docs/kbn_core_deprecations_server.mdx index 114981efe6fdc..05a6fc2800d45 100644 --- a/api_docs/kbn_core_deprecations_server.mdx +++ b/api_docs/kbn_core_deprecations_server.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-deprecations-server title: "@kbn/core-deprecations-server" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-deprecations-server plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-deprecations-server'] --- import kbnCoreDeprecationsServerObj from './kbn_core_deprecations_server.devdocs.json'; diff --git a/api_docs/kbn_core_deprecations_server_internal.mdx b/api_docs/kbn_core_deprecations_server_internal.mdx index b1b8561068183..76401015261f3 100644 --- a/api_docs/kbn_core_deprecations_server_internal.mdx +++ b/api_docs/kbn_core_deprecations_server_internal.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-deprecations-server-internal title: "@kbn/core-deprecations-server-internal" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-deprecations-server-internal plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-deprecations-server-internal'] --- import kbnCoreDeprecationsServerInternalObj from './kbn_core_deprecations_server_internal.devdocs.json'; diff --git a/api_docs/kbn_core_deprecations_server_mocks.mdx b/api_docs/kbn_core_deprecations_server_mocks.mdx index 6c54d776d4b21..f26999c9ccb92 100644 --- a/api_docs/kbn_core_deprecations_server_mocks.mdx +++ b/api_docs/kbn_core_deprecations_server_mocks.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-deprecations-server-mocks title: "@kbn/core-deprecations-server-mocks" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-deprecations-server-mocks plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-deprecations-server-mocks'] --- import kbnCoreDeprecationsServerMocksObj from './kbn_core_deprecations_server_mocks.devdocs.json'; diff --git a/api_docs/kbn_core_doc_links_browser.mdx b/api_docs/kbn_core_doc_links_browser.mdx index 6e21065e7b3f1..89510f89fb446 100644 --- a/api_docs/kbn_core_doc_links_browser.mdx +++ b/api_docs/kbn_core_doc_links_browser.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-doc-links-browser title: "@kbn/core-doc-links-browser" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-doc-links-browser plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-doc-links-browser'] --- import kbnCoreDocLinksBrowserObj from './kbn_core_doc_links_browser.devdocs.json'; diff --git a/api_docs/kbn_core_doc_links_browser_mocks.mdx b/api_docs/kbn_core_doc_links_browser_mocks.mdx index 30c99b193c122..e2ace01f4d91a 100644 --- a/api_docs/kbn_core_doc_links_browser_mocks.mdx +++ b/api_docs/kbn_core_doc_links_browser_mocks.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-doc-links-browser-mocks title: "@kbn/core-doc-links-browser-mocks" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-doc-links-browser-mocks plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-doc-links-browser-mocks'] --- import kbnCoreDocLinksBrowserMocksObj from './kbn_core_doc_links_browser_mocks.devdocs.json'; diff --git a/api_docs/kbn_core_doc_links_server.mdx b/api_docs/kbn_core_doc_links_server.mdx index 0192b706a5ca9..cb0e47e526147 100644 --- a/api_docs/kbn_core_doc_links_server.mdx +++ b/api_docs/kbn_core_doc_links_server.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-doc-links-server title: "@kbn/core-doc-links-server" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-doc-links-server plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-doc-links-server'] --- import kbnCoreDocLinksServerObj from './kbn_core_doc_links_server.devdocs.json'; diff --git a/api_docs/kbn_core_doc_links_server_mocks.mdx b/api_docs/kbn_core_doc_links_server_mocks.mdx index 9770a40b94511..cd6c785eb9766 100644 --- a/api_docs/kbn_core_doc_links_server_mocks.mdx +++ b/api_docs/kbn_core_doc_links_server_mocks.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-doc-links-server-mocks title: "@kbn/core-doc-links-server-mocks" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-doc-links-server-mocks plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-doc-links-server-mocks'] --- import kbnCoreDocLinksServerMocksObj from './kbn_core_doc_links_server_mocks.devdocs.json'; diff --git a/api_docs/kbn_core_elasticsearch_client_server_internal.mdx b/api_docs/kbn_core_elasticsearch_client_server_internal.mdx index bc9ff9d057401..a64c8e76457c0 100644 --- a/api_docs/kbn_core_elasticsearch_client_server_internal.mdx +++ b/api_docs/kbn_core_elasticsearch_client_server_internal.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-elasticsearch-client-server-internal title: "@kbn/core-elasticsearch-client-server-internal" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-elasticsearch-client-server-internal plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-elasticsearch-client-server-internal'] --- import kbnCoreElasticsearchClientServerInternalObj from './kbn_core_elasticsearch_client_server_internal.devdocs.json'; diff --git a/api_docs/kbn_core_elasticsearch_client_server_mocks.mdx b/api_docs/kbn_core_elasticsearch_client_server_mocks.mdx index 7db92d21054cf..d318ce092bde2 100644 --- a/api_docs/kbn_core_elasticsearch_client_server_mocks.mdx +++ b/api_docs/kbn_core_elasticsearch_client_server_mocks.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-elasticsearch-client-server-mocks title: "@kbn/core-elasticsearch-client-server-mocks" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-elasticsearch-client-server-mocks plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-elasticsearch-client-server-mocks'] --- import kbnCoreElasticsearchClientServerMocksObj from './kbn_core_elasticsearch_client_server_mocks.devdocs.json'; diff --git a/api_docs/kbn_core_elasticsearch_server.devdocs.json b/api_docs/kbn_core_elasticsearch_server.devdocs.json index 3545ca05a5d0a..14c2183992b42 100644 --- a/api_docs/kbn_core_elasticsearch_server.devdocs.json +++ b/api_docs/kbn_core_elasticsearch_server.devdocs.json @@ -957,6 +957,22 @@ "trackAdoption": false, "children": [], "returnComment": [] + }, + { + "parentPluginId": "@kbn/core-elasticsearch-server", + "id": "def-server.ElasticsearchServiceStart.publicBaseUrl", + "type": "string", + "tags": [], + "label": "publicBaseUrl", + "description": [ + "\nThe public base URL (if any) that should be used by end users to access the Elasticsearch cluster." + ], + "signature": [ + "string | undefined" + ], + "path": "packages/core/elasticsearch/core-elasticsearch-server/src/contracts.ts", + "deprecated": false, + "trackAdoption": false } ], "initialIsOpen": false diff --git a/api_docs/kbn_core_elasticsearch_server.mdx b/api_docs/kbn_core_elasticsearch_server.mdx index f9e5b295184b1..d7a7d8dd79fb1 100644 --- a/api_docs/kbn_core_elasticsearch_server.mdx +++ b/api_docs/kbn_core_elasticsearch_server.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-elasticsearch-server title: "@kbn/core-elasticsearch-server" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-elasticsearch-server plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-elasticsearch-server'] --- import kbnCoreElasticsearchServerObj from './kbn_core_elasticsearch_server.devdocs.json'; @@ -21,7 +21,7 @@ Contact [@elastic/kibana-core](https://github.com/orgs/elastic/teams/kibana-core | Public API count | Any count | Items lacking comments | Missing exports | |-------------------|-----------|------------------------|-----------------| -| 117 | 0 | 56 | 0 | +| 118 | 0 | 56 | 0 | ## Server diff --git a/api_docs/kbn_core_elasticsearch_server_internal.mdx b/api_docs/kbn_core_elasticsearch_server_internal.mdx index d9320e2f19a94..28b041ffda656 100644 --- a/api_docs/kbn_core_elasticsearch_server_internal.mdx +++ b/api_docs/kbn_core_elasticsearch_server_internal.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-elasticsearch-server-internal title: "@kbn/core-elasticsearch-server-internal" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-elasticsearch-server-internal plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-elasticsearch-server-internal'] --- import kbnCoreElasticsearchServerInternalObj from './kbn_core_elasticsearch_server_internal.devdocs.json'; diff --git a/api_docs/kbn_core_elasticsearch_server_mocks.devdocs.json b/api_docs/kbn_core_elasticsearch_server_mocks.devdocs.json index 702a8890af3d9..7c0baefca2c20 100644 --- a/api_docs/kbn_core_elasticsearch_server_mocks.devdocs.json +++ b/api_docs/kbn_core_elasticsearch_server_mocks.devdocs.json @@ -57,7 +57,7 @@ "label": "MockedElasticSearchServiceStart", "description": [], "signature": [ - "{ getCapabilities: jest.MockInstance<", + "{ readonly publicBaseUrl?: string | undefined; getCapabilities: jest.MockInstance<", { "pluginId": "@kbn/core-elasticsearch-server", "scope": "server", diff --git a/api_docs/kbn_core_elasticsearch_server_mocks.mdx b/api_docs/kbn_core_elasticsearch_server_mocks.mdx index 79aec8ee176e7..a4d11955f590b 100644 --- a/api_docs/kbn_core_elasticsearch_server_mocks.mdx +++ b/api_docs/kbn_core_elasticsearch_server_mocks.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-elasticsearch-server-mocks title: "@kbn/core-elasticsearch-server-mocks" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-elasticsearch-server-mocks plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-elasticsearch-server-mocks'] --- import kbnCoreElasticsearchServerMocksObj from './kbn_core_elasticsearch_server_mocks.devdocs.json'; diff --git a/api_docs/kbn_core_environment_server_internal.mdx b/api_docs/kbn_core_environment_server_internal.mdx index 27f5426494047..a878b7bb2d05a 100644 --- a/api_docs/kbn_core_environment_server_internal.mdx +++ b/api_docs/kbn_core_environment_server_internal.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-environment-server-internal title: "@kbn/core-environment-server-internal" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-environment-server-internal plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-environment-server-internal'] --- import kbnCoreEnvironmentServerInternalObj from './kbn_core_environment_server_internal.devdocs.json'; diff --git a/api_docs/kbn_core_environment_server_mocks.mdx b/api_docs/kbn_core_environment_server_mocks.mdx index bd87bab1c5b88..f65a6cfa25bac 100644 --- a/api_docs/kbn_core_environment_server_mocks.mdx +++ b/api_docs/kbn_core_environment_server_mocks.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-environment-server-mocks title: "@kbn/core-environment-server-mocks" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-environment-server-mocks plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-environment-server-mocks'] --- import kbnCoreEnvironmentServerMocksObj from './kbn_core_environment_server_mocks.devdocs.json'; diff --git a/api_docs/kbn_core_execution_context_browser.mdx b/api_docs/kbn_core_execution_context_browser.mdx index 493bd0a27ad18..e18bbbd590468 100644 --- a/api_docs/kbn_core_execution_context_browser.mdx +++ b/api_docs/kbn_core_execution_context_browser.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-execution-context-browser title: "@kbn/core-execution-context-browser" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-execution-context-browser plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-execution-context-browser'] --- import kbnCoreExecutionContextBrowserObj from './kbn_core_execution_context_browser.devdocs.json'; diff --git a/api_docs/kbn_core_execution_context_browser_internal.mdx b/api_docs/kbn_core_execution_context_browser_internal.mdx index a8a039c520a7c..eb02a6e79738b 100644 --- a/api_docs/kbn_core_execution_context_browser_internal.mdx +++ b/api_docs/kbn_core_execution_context_browser_internal.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-execution-context-browser-internal title: "@kbn/core-execution-context-browser-internal" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-execution-context-browser-internal plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-execution-context-browser-internal'] --- import kbnCoreExecutionContextBrowserInternalObj from './kbn_core_execution_context_browser_internal.devdocs.json'; diff --git a/api_docs/kbn_core_execution_context_browser_mocks.mdx b/api_docs/kbn_core_execution_context_browser_mocks.mdx index 2acbad65865e9..e4be154316277 100644 --- a/api_docs/kbn_core_execution_context_browser_mocks.mdx +++ b/api_docs/kbn_core_execution_context_browser_mocks.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-execution-context-browser-mocks title: "@kbn/core-execution-context-browser-mocks" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-execution-context-browser-mocks plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-execution-context-browser-mocks'] --- import kbnCoreExecutionContextBrowserMocksObj from './kbn_core_execution_context_browser_mocks.devdocs.json'; diff --git a/api_docs/kbn_core_execution_context_common.mdx b/api_docs/kbn_core_execution_context_common.mdx index 1dc82cb47712e..0fec1d4fd393c 100644 --- a/api_docs/kbn_core_execution_context_common.mdx +++ b/api_docs/kbn_core_execution_context_common.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-execution-context-common title: "@kbn/core-execution-context-common" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-execution-context-common plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-execution-context-common'] --- import kbnCoreExecutionContextCommonObj from './kbn_core_execution_context_common.devdocs.json'; diff --git a/api_docs/kbn_core_execution_context_server.mdx b/api_docs/kbn_core_execution_context_server.mdx index 5e61dae29dc51..d041cff71dab2 100644 --- a/api_docs/kbn_core_execution_context_server.mdx +++ b/api_docs/kbn_core_execution_context_server.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-execution-context-server title: "@kbn/core-execution-context-server" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-execution-context-server plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-execution-context-server'] --- import kbnCoreExecutionContextServerObj from './kbn_core_execution_context_server.devdocs.json'; diff --git a/api_docs/kbn_core_execution_context_server_internal.mdx b/api_docs/kbn_core_execution_context_server_internal.mdx index 9ac71c0ec0e1c..c9014070e632a 100644 --- a/api_docs/kbn_core_execution_context_server_internal.mdx +++ b/api_docs/kbn_core_execution_context_server_internal.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-execution-context-server-internal title: "@kbn/core-execution-context-server-internal" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-execution-context-server-internal plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-execution-context-server-internal'] --- import kbnCoreExecutionContextServerInternalObj from './kbn_core_execution_context_server_internal.devdocs.json'; diff --git a/api_docs/kbn_core_execution_context_server_mocks.mdx b/api_docs/kbn_core_execution_context_server_mocks.mdx index b85661f46ce6f..ff4178f885f5d 100644 --- a/api_docs/kbn_core_execution_context_server_mocks.mdx +++ b/api_docs/kbn_core_execution_context_server_mocks.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-execution-context-server-mocks title: "@kbn/core-execution-context-server-mocks" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-execution-context-server-mocks plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-execution-context-server-mocks'] --- import kbnCoreExecutionContextServerMocksObj from './kbn_core_execution_context_server_mocks.devdocs.json'; diff --git a/api_docs/kbn_core_fatal_errors_browser.mdx b/api_docs/kbn_core_fatal_errors_browser.mdx index 36285c083458c..94b91df2ade37 100644 --- a/api_docs/kbn_core_fatal_errors_browser.mdx +++ b/api_docs/kbn_core_fatal_errors_browser.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-fatal-errors-browser title: "@kbn/core-fatal-errors-browser" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-fatal-errors-browser plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-fatal-errors-browser'] --- import kbnCoreFatalErrorsBrowserObj from './kbn_core_fatal_errors_browser.devdocs.json'; diff --git a/api_docs/kbn_core_fatal_errors_browser_mocks.mdx b/api_docs/kbn_core_fatal_errors_browser_mocks.mdx index 7f6720c4cd315..5ae9ae2e2c637 100644 --- a/api_docs/kbn_core_fatal_errors_browser_mocks.mdx +++ b/api_docs/kbn_core_fatal_errors_browser_mocks.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-fatal-errors-browser-mocks title: "@kbn/core-fatal-errors-browser-mocks" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-fatal-errors-browser-mocks plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-fatal-errors-browser-mocks'] --- import kbnCoreFatalErrorsBrowserMocksObj from './kbn_core_fatal_errors_browser_mocks.devdocs.json'; diff --git a/api_docs/kbn_core_feature_flags_browser.mdx b/api_docs/kbn_core_feature_flags_browser.mdx index 721f50f22c842..837e3e33a632c 100644 --- a/api_docs/kbn_core_feature_flags_browser.mdx +++ b/api_docs/kbn_core_feature_flags_browser.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-feature-flags-browser title: "@kbn/core-feature-flags-browser" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-feature-flags-browser plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-feature-flags-browser'] --- import kbnCoreFeatureFlagsBrowserObj from './kbn_core_feature_flags_browser.devdocs.json'; diff --git a/api_docs/kbn_core_feature_flags_browser_internal.mdx b/api_docs/kbn_core_feature_flags_browser_internal.mdx index 4adc3c21c248c..8f9b324aa48fa 100644 --- a/api_docs/kbn_core_feature_flags_browser_internal.mdx +++ b/api_docs/kbn_core_feature_flags_browser_internal.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-feature-flags-browser-internal title: "@kbn/core-feature-flags-browser-internal" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-feature-flags-browser-internal plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-feature-flags-browser-internal'] --- import kbnCoreFeatureFlagsBrowserInternalObj from './kbn_core_feature_flags_browser_internal.devdocs.json'; diff --git a/api_docs/kbn_core_feature_flags_browser_mocks.mdx b/api_docs/kbn_core_feature_flags_browser_mocks.mdx index 4bf9e3aefedce..6ddb387cac9d0 100644 --- a/api_docs/kbn_core_feature_flags_browser_mocks.mdx +++ b/api_docs/kbn_core_feature_flags_browser_mocks.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-feature-flags-browser-mocks title: "@kbn/core-feature-flags-browser-mocks" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-feature-flags-browser-mocks plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-feature-flags-browser-mocks'] --- import kbnCoreFeatureFlagsBrowserMocksObj from './kbn_core_feature_flags_browser_mocks.devdocs.json'; diff --git a/api_docs/kbn_core_feature_flags_server.mdx b/api_docs/kbn_core_feature_flags_server.mdx index dde7caaa8329c..5b1946b309e32 100644 --- a/api_docs/kbn_core_feature_flags_server.mdx +++ b/api_docs/kbn_core_feature_flags_server.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-feature-flags-server title: "@kbn/core-feature-flags-server" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-feature-flags-server plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-feature-flags-server'] --- import kbnCoreFeatureFlagsServerObj from './kbn_core_feature_flags_server.devdocs.json'; diff --git a/api_docs/kbn_core_feature_flags_server_internal.mdx b/api_docs/kbn_core_feature_flags_server_internal.mdx index 347d8d300b904..4fec14f7aab91 100644 --- a/api_docs/kbn_core_feature_flags_server_internal.mdx +++ b/api_docs/kbn_core_feature_flags_server_internal.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-feature-flags-server-internal title: "@kbn/core-feature-flags-server-internal" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-feature-flags-server-internal plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-feature-flags-server-internal'] --- import kbnCoreFeatureFlagsServerInternalObj from './kbn_core_feature_flags_server_internal.devdocs.json'; diff --git a/api_docs/kbn_core_feature_flags_server_mocks.mdx b/api_docs/kbn_core_feature_flags_server_mocks.mdx index a064a024ed9ed..bb595ca54c5b5 100644 --- a/api_docs/kbn_core_feature_flags_server_mocks.mdx +++ b/api_docs/kbn_core_feature_flags_server_mocks.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-feature-flags-server-mocks title: "@kbn/core-feature-flags-server-mocks" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-feature-flags-server-mocks plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-feature-flags-server-mocks'] --- import kbnCoreFeatureFlagsServerMocksObj from './kbn_core_feature_flags_server_mocks.devdocs.json'; diff --git a/api_docs/kbn_core_http_browser.mdx b/api_docs/kbn_core_http_browser.mdx index b171b7227d466..e6b8cd311ee63 100644 --- a/api_docs/kbn_core_http_browser.mdx +++ b/api_docs/kbn_core_http_browser.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-http-browser title: "@kbn/core-http-browser" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-http-browser plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-http-browser'] --- import kbnCoreHttpBrowserObj from './kbn_core_http_browser.devdocs.json'; diff --git a/api_docs/kbn_core_http_browser_internal.mdx b/api_docs/kbn_core_http_browser_internal.mdx index 0c6e103b198bb..8dcf27cacafce 100644 --- a/api_docs/kbn_core_http_browser_internal.mdx +++ b/api_docs/kbn_core_http_browser_internal.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-http-browser-internal title: "@kbn/core-http-browser-internal" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-http-browser-internal plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-http-browser-internal'] --- import kbnCoreHttpBrowserInternalObj from './kbn_core_http_browser_internal.devdocs.json'; diff --git a/api_docs/kbn_core_http_browser_mocks.mdx b/api_docs/kbn_core_http_browser_mocks.mdx index c307b34e653c9..9369f65971af7 100644 --- a/api_docs/kbn_core_http_browser_mocks.mdx +++ b/api_docs/kbn_core_http_browser_mocks.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-http-browser-mocks title: "@kbn/core-http-browser-mocks" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-http-browser-mocks plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-http-browser-mocks'] --- import kbnCoreHttpBrowserMocksObj from './kbn_core_http_browser_mocks.devdocs.json'; diff --git a/api_docs/kbn_core_http_common.mdx b/api_docs/kbn_core_http_common.mdx index 783fcd2b09c59..f1d1f27d7d1b0 100644 --- a/api_docs/kbn_core_http_common.mdx +++ b/api_docs/kbn_core_http_common.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-http-common title: "@kbn/core-http-common" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-http-common plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-http-common'] --- import kbnCoreHttpCommonObj from './kbn_core_http_common.devdocs.json'; diff --git a/api_docs/kbn_core_http_context_server_mocks.mdx b/api_docs/kbn_core_http_context_server_mocks.mdx index 75e523ca0ea52..db25080fbfe34 100644 --- a/api_docs/kbn_core_http_context_server_mocks.mdx +++ b/api_docs/kbn_core_http_context_server_mocks.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-http-context-server-mocks title: "@kbn/core-http-context-server-mocks" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-http-context-server-mocks plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-http-context-server-mocks'] --- import kbnCoreHttpContextServerMocksObj from './kbn_core_http_context_server_mocks.devdocs.json'; diff --git a/api_docs/kbn_core_http_request_handler_context_server.mdx b/api_docs/kbn_core_http_request_handler_context_server.mdx index 08145941f03ce..68278c812c48d 100644 --- a/api_docs/kbn_core_http_request_handler_context_server.mdx +++ b/api_docs/kbn_core_http_request_handler_context_server.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-http-request-handler-context-server title: "@kbn/core-http-request-handler-context-server" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-http-request-handler-context-server plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-http-request-handler-context-server'] --- import kbnCoreHttpRequestHandlerContextServerObj from './kbn_core_http_request_handler_context_server.devdocs.json'; diff --git a/api_docs/kbn_core_http_resources_server.mdx b/api_docs/kbn_core_http_resources_server.mdx index 419ec334f419a..8be0dbf992f29 100644 --- a/api_docs/kbn_core_http_resources_server.mdx +++ b/api_docs/kbn_core_http_resources_server.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-http-resources-server title: "@kbn/core-http-resources-server" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-http-resources-server plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-http-resources-server'] --- import kbnCoreHttpResourcesServerObj from './kbn_core_http_resources_server.devdocs.json'; diff --git a/api_docs/kbn_core_http_resources_server_internal.mdx b/api_docs/kbn_core_http_resources_server_internal.mdx index e98be0ff713e0..1407c288d0d11 100644 --- a/api_docs/kbn_core_http_resources_server_internal.mdx +++ b/api_docs/kbn_core_http_resources_server_internal.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-http-resources-server-internal title: "@kbn/core-http-resources-server-internal" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-http-resources-server-internal plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-http-resources-server-internal'] --- import kbnCoreHttpResourcesServerInternalObj from './kbn_core_http_resources_server_internal.devdocs.json'; diff --git a/api_docs/kbn_core_http_resources_server_mocks.mdx b/api_docs/kbn_core_http_resources_server_mocks.mdx index 67055448954e1..4a68a3b2a6730 100644 --- a/api_docs/kbn_core_http_resources_server_mocks.mdx +++ b/api_docs/kbn_core_http_resources_server_mocks.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-http-resources-server-mocks title: "@kbn/core-http-resources-server-mocks" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-http-resources-server-mocks plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-http-resources-server-mocks'] --- import kbnCoreHttpResourcesServerMocksObj from './kbn_core_http_resources_server_mocks.devdocs.json'; diff --git a/api_docs/kbn_core_http_router_server_internal.mdx b/api_docs/kbn_core_http_router_server_internal.mdx index 360e51e41af92..e3dfaae50bad8 100644 --- a/api_docs/kbn_core_http_router_server_internal.mdx +++ b/api_docs/kbn_core_http_router_server_internal.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-http-router-server-internal title: "@kbn/core-http-router-server-internal" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-http-router-server-internal plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-http-router-server-internal'] --- import kbnCoreHttpRouterServerInternalObj from './kbn_core_http_router_server_internal.devdocs.json'; diff --git a/api_docs/kbn_core_http_router_server_mocks.mdx b/api_docs/kbn_core_http_router_server_mocks.mdx index bf2a19b47b7fe..d6647890e2a91 100644 --- a/api_docs/kbn_core_http_router_server_mocks.mdx +++ b/api_docs/kbn_core_http_router_server_mocks.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-http-router-server-mocks title: "@kbn/core-http-router-server-mocks" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-http-router-server-mocks plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-http-router-server-mocks'] --- import kbnCoreHttpRouterServerMocksObj from './kbn_core_http_router_server_mocks.devdocs.json'; diff --git a/api_docs/kbn_core_http_server.devdocs.json b/api_docs/kbn_core_http_server.devdocs.json index 596dec9690097..09c0da0905891 100644 --- a/api_docs/kbn_core_http_server.devdocs.json +++ b/api_docs/kbn_core_http_server.devdocs.json @@ -14254,6 +14254,10 @@ "plugin": "@kbn/core-metrics-server-internal", "path": "packages/core/metrics/core-metrics-server-internal/src/routes/elu_history.ts" }, + { + "plugin": "cloud", + "path": "x-pack/plugins/cloud/server/routes/elasticsearch_routes.ts" + }, { "plugin": "@kbn/core-http-router-server-mocks", "path": "packages/core/http/core-http-router-server-mocks/src/versioned_router.mock.ts" @@ -15022,6 +15026,10 @@ "plugin": "securitySolution", "path": "x-pack/plugins/security_solution/server/lib/entity_analytics/risk_engine/routes/settings.ts" }, + { + "plugin": "securitySolution", + "path": "x-pack/plugins/security_solution/server/lib/entity_analytics/entity_store/routes/entities/list.ts" + }, { "plugin": "securitySolution", "path": "x-pack/plugins/security_solution/server/lib/entity_analytics/entity_store/routes/get.ts" diff --git a/api_docs/kbn_core_http_server.mdx b/api_docs/kbn_core_http_server.mdx index ec98554b403f5..2e4af146f8ebb 100644 --- a/api_docs/kbn_core_http_server.mdx +++ b/api_docs/kbn_core_http_server.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-http-server title: "@kbn/core-http-server" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-http-server plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-http-server'] --- import kbnCoreHttpServerObj from './kbn_core_http_server.devdocs.json'; diff --git a/api_docs/kbn_core_http_server_internal.mdx b/api_docs/kbn_core_http_server_internal.mdx index 8ca3c4fac051c..77084a93da169 100644 --- a/api_docs/kbn_core_http_server_internal.mdx +++ b/api_docs/kbn_core_http_server_internal.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-http-server-internal title: "@kbn/core-http-server-internal" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-http-server-internal plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-http-server-internal'] --- import kbnCoreHttpServerInternalObj from './kbn_core_http_server_internal.devdocs.json'; diff --git a/api_docs/kbn_core_http_server_mocks.mdx b/api_docs/kbn_core_http_server_mocks.mdx index 3b2d889f8f68a..1eab4edff9c52 100644 --- a/api_docs/kbn_core_http_server_mocks.mdx +++ b/api_docs/kbn_core_http_server_mocks.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-http-server-mocks title: "@kbn/core-http-server-mocks" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-http-server-mocks plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-http-server-mocks'] --- import kbnCoreHttpServerMocksObj from './kbn_core_http_server_mocks.devdocs.json'; diff --git a/api_docs/kbn_core_i18n_browser.mdx b/api_docs/kbn_core_i18n_browser.mdx index bc5eb016cfda0..a4f8c0fd2cbe5 100644 --- a/api_docs/kbn_core_i18n_browser.mdx +++ b/api_docs/kbn_core_i18n_browser.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-i18n-browser title: "@kbn/core-i18n-browser" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-i18n-browser plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-i18n-browser'] --- import kbnCoreI18nBrowserObj from './kbn_core_i18n_browser.devdocs.json'; diff --git a/api_docs/kbn_core_i18n_browser_mocks.mdx b/api_docs/kbn_core_i18n_browser_mocks.mdx index 5b01d4a4fe5f1..15cfc791df38d 100644 --- a/api_docs/kbn_core_i18n_browser_mocks.mdx +++ b/api_docs/kbn_core_i18n_browser_mocks.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-i18n-browser-mocks title: "@kbn/core-i18n-browser-mocks" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-i18n-browser-mocks plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-i18n-browser-mocks'] --- import kbnCoreI18nBrowserMocksObj from './kbn_core_i18n_browser_mocks.devdocs.json'; diff --git a/api_docs/kbn_core_i18n_server.mdx b/api_docs/kbn_core_i18n_server.mdx index 9d29fef8633ea..bb18ae0f8a60c 100644 --- a/api_docs/kbn_core_i18n_server.mdx +++ b/api_docs/kbn_core_i18n_server.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-i18n-server title: "@kbn/core-i18n-server" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-i18n-server plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-i18n-server'] --- import kbnCoreI18nServerObj from './kbn_core_i18n_server.devdocs.json'; diff --git a/api_docs/kbn_core_i18n_server_internal.mdx b/api_docs/kbn_core_i18n_server_internal.mdx index 4e41d91702c75..e2d19c3d25631 100644 --- a/api_docs/kbn_core_i18n_server_internal.mdx +++ b/api_docs/kbn_core_i18n_server_internal.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-i18n-server-internal title: "@kbn/core-i18n-server-internal" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-i18n-server-internal plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-i18n-server-internal'] --- import kbnCoreI18nServerInternalObj from './kbn_core_i18n_server_internal.devdocs.json'; diff --git a/api_docs/kbn_core_i18n_server_mocks.mdx b/api_docs/kbn_core_i18n_server_mocks.mdx index cc0b5d30f759c..e44a4572314cd 100644 --- a/api_docs/kbn_core_i18n_server_mocks.mdx +++ b/api_docs/kbn_core_i18n_server_mocks.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-i18n-server-mocks title: "@kbn/core-i18n-server-mocks" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-i18n-server-mocks plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-i18n-server-mocks'] --- import kbnCoreI18nServerMocksObj from './kbn_core_i18n_server_mocks.devdocs.json'; diff --git a/api_docs/kbn_core_injected_metadata_browser_mocks.mdx b/api_docs/kbn_core_injected_metadata_browser_mocks.mdx index f0093d24ffa61..5e6b40e7fcf81 100644 --- a/api_docs/kbn_core_injected_metadata_browser_mocks.mdx +++ b/api_docs/kbn_core_injected_metadata_browser_mocks.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-injected-metadata-browser-mocks title: "@kbn/core-injected-metadata-browser-mocks" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-injected-metadata-browser-mocks plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-injected-metadata-browser-mocks'] --- import kbnCoreInjectedMetadataBrowserMocksObj from './kbn_core_injected_metadata_browser_mocks.devdocs.json'; diff --git a/api_docs/kbn_core_integrations_browser_internal.mdx b/api_docs/kbn_core_integrations_browser_internal.mdx index a61b35955ae35..57c01c416bf0d 100644 --- a/api_docs/kbn_core_integrations_browser_internal.mdx +++ b/api_docs/kbn_core_integrations_browser_internal.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-integrations-browser-internal title: "@kbn/core-integrations-browser-internal" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-integrations-browser-internal plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-integrations-browser-internal'] --- import kbnCoreIntegrationsBrowserInternalObj from './kbn_core_integrations_browser_internal.devdocs.json'; diff --git a/api_docs/kbn_core_integrations_browser_mocks.mdx b/api_docs/kbn_core_integrations_browser_mocks.mdx index 1a8c594ff1b67..51537ccdaf7d2 100644 --- a/api_docs/kbn_core_integrations_browser_mocks.mdx +++ b/api_docs/kbn_core_integrations_browser_mocks.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-integrations-browser-mocks title: "@kbn/core-integrations-browser-mocks" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-integrations-browser-mocks plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-integrations-browser-mocks'] --- import kbnCoreIntegrationsBrowserMocksObj from './kbn_core_integrations_browser_mocks.devdocs.json'; diff --git a/api_docs/kbn_core_lifecycle_browser.devdocs.json b/api_docs/kbn_core_lifecycle_browser.devdocs.json index 6dc2ededac6e0..745022a2696c4 100644 --- a/api_docs/kbn_core_lifecycle_browser.devdocs.json +++ b/api_docs/kbn_core_lifecycle_browser.devdocs.json @@ -605,10 +605,6 @@ "plugin": "home", "path": "src/plugins/home/public/plugin.ts" }, - { - "plugin": "savedObjects", - "path": "src/plugins/saved_objects/public/plugin.ts" - }, { "plugin": "unifiedSearch", "path": "src/plugins/unified_search/public/types.ts" diff --git a/api_docs/kbn_core_lifecycle_browser.mdx b/api_docs/kbn_core_lifecycle_browser.mdx index 9e1ece44c430e..87ac6c95413d2 100644 --- a/api_docs/kbn_core_lifecycle_browser.mdx +++ b/api_docs/kbn_core_lifecycle_browser.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-lifecycle-browser title: "@kbn/core-lifecycle-browser" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-lifecycle-browser plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-lifecycle-browser'] --- import kbnCoreLifecycleBrowserObj from './kbn_core_lifecycle_browser.devdocs.json'; diff --git a/api_docs/kbn_core_lifecycle_browser_mocks.mdx b/api_docs/kbn_core_lifecycle_browser_mocks.mdx index 30bbd2a10a894..affa19778068b 100644 --- a/api_docs/kbn_core_lifecycle_browser_mocks.mdx +++ b/api_docs/kbn_core_lifecycle_browser_mocks.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-lifecycle-browser-mocks title: "@kbn/core-lifecycle-browser-mocks" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-lifecycle-browser-mocks plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-lifecycle-browser-mocks'] --- import kbnCoreLifecycleBrowserMocksObj from './kbn_core_lifecycle_browser_mocks.devdocs.json'; diff --git a/api_docs/kbn_core_lifecycle_server.mdx b/api_docs/kbn_core_lifecycle_server.mdx index 918a65a7b4b9d..c4d7d63de5056 100644 --- a/api_docs/kbn_core_lifecycle_server.mdx +++ b/api_docs/kbn_core_lifecycle_server.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-lifecycle-server title: "@kbn/core-lifecycle-server" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-lifecycle-server plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-lifecycle-server'] --- import kbnCoreLifecycleServerObj from './kbn_core_lifecycle_server.devdocs.json'; diff --git a/api_docs/kbn_core_lifecycle_server_mocks.mdx b/api_docs/kbn_core_lifecycle_server_mocks.mdx index c62edeccd0137..3a891fb4544e5 100644 --- a/api_docs/kbn_core_lifecycle_server_mocks.mdx +++ b/api_docs/kbn_core_lifecycle_server_mocks.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-lifecycle-server-mocks title: "@kbn/core-lifecycle-server-mocks" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-lifecycle-server-mocks plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-lifecycle-server-mocks'] --- import kbnCoreLifecycleServerMocksObj from './kbn_core_lifecycle_server_mocks.devdocs.json'; diff --git a/api_docs/kbn_core_logging_browser_mocks.mdx b/api_docs/kbn_core_logging_browser_mocks.mdx index 61b094664f764..fc775df783422 100644 --- a/api_docs/kbn_core_logging_browser_mocks.mdx +++ b/api_docs/kbn_core_logging_browser_mocks.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-logging-browser-mocks title: "@kbn/core-logging-browser-mocks" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-logging-browser-mocks plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-logging-browser-mocks'] --- import kbnCoreLoggingBrowserMocksObj from './kbn_core_logging_browser_mocks.devdocs.json'; diff --git a/api_docs/kbn_core_logging_common_internal.mdx b/api_docs/kbn_core_logging_common_internal.mdx index 265325361d25c..31d862162945c 100644 --- a/api_docs/kbn_core_logging_common_internal.mdx +++ b/api_docs/kbn_core_logging_common_internal.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-logging-common-internal title: "@kbn/core-logging-common-internal" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-logging-common-internal plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-logging-common-internal'] --- import kbnCoreLoggingCommonInternalObj from './kbn_core_logging_common_internal.devdocs.json'; diff --git a/api_docs/kbn_core_logging_server.mdx b/api_docs/kbn_core_logging_server.mdx index b5f156fe88553..07d1af4780246 100644 --- a/api_docs/kbn_core_logging_server.mdx +++ b/api_docs/kbn_core_logging_server.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-logging-server title: "@kbn/core-logging-server" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-logging-server plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-logging-server'] --- import kbnCoreLoggingServerObj from './kbn_core_logging_server.devdocs.json'; diff --git a/api_docs/kbn_core_logging_server_internal.mdx b/api_docs/kbn_core_logging_server_internal.mdx index 76967400fea71..7e1a3d308c6e6 100644 --- a/api_docs/kbn_core_logging_server_internal.mdx +++ b/api_docs/kbn_core_logging_server_internal.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-logging-server-internal title: "@kbn/core-logging-server-internal" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-logging-server-internal plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-logging-server-internal'] --- import kbnCoreLoggingServerInternalObj from './kbn_core_logging_server_internal.devdocs.json'; diff --git a/api_docs/kbn_core_logging_server_mocks.mdx b/api_docs/kbn_core_logging_server_mocks.mdx index cbf8741213c0c..1fa6a538f1a4f 100644 --- a/api_docs/kbn_core_logging_server_mocks.mdx +++ b/api_docs/kbn_core_logging_server_mocks.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-logging-server-mocks title: "@kbn/core-logging-server-mocks" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-logging-server-mocks plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-logging-server-mocks'] --- import kbnCoreLoggingServerMocksObj from './kbn_core_logging_server_mocks.devdocs.json'; diff --git a/api_docs/kbn_core_metrics_collectors_server_internal.mdx b/api_docs/kbn_core_metrics_collectors_server_internal.mdx index cde4a55c6de8d..4216acde77ada 100644 --- a/api_docs/kbn_core_metrics_collectors_server_internal.mdx +++ b/api_docs/kbn_core_metrics_collectors_server_internal.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-metrics-collectors-server-internal title: "@kbn/core-metrics-collectors-server-internal" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-metrics-collectors-server-internal plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-metrics-collectors-server-internal'] --- import kbnCoreMetricsCollectorsServerInternalObj from './kbn_core_metrics_collectors_server_internal.devdocs.json'; diff --git a/api_docs/kbn_core_metrics_collectors_server_mocks.mdx b/api_docs/kbn_core_metrics_collectors_server_mocks.mdx index 2a2cc31da838f..f69efae675890 100644 --- a/api_docs/kbn_core_metrics_collectors_server_mocks.mdx +++ b/api_docs/kbn_core_metrics_collectors_server_mocks.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-metrics-collectors-server-mocks title: "@kbn/core-metrics-collectors-server-mocks" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-metrics-collectors-server-mocks plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-metrics-collectors-server-mocks'] --- import kbnCoreMetricsCollectorsServerMocksObj from './kbn_core_metrics_collectors_server_mocks.devdocs.json'; diff --git a/api_docs/kbn_core_metrics_server.mdx b/api_docs/kbn_core_metrics_server.mdx index 7d287adca1f2a..0aedefa5eb611 100644 --- a/api_docs/kbn_core_metrics_server.mdx +++ b/api_docs/kbn_core_metrics_server.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-metrics-server title: "@kbn/core-metrics-server" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-metrics-server plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-metrics-server'] --- import kbnCoreMetricsServerObj from './kbn_core_metrics_server.devdocs.json'; diff --git a/api_docs/kbn_core_metrics_server_internal.mdx b/api_docs/kbn_core_metrics_server_internal.mdx index b9244ae1abb17..a853bf3e68453 100644 --- a/api_docs/kbn_core_metrics_server_internal.mdx +++ b/api_docs/kbn_core_metrics_server_internal.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-metrics-server-internal title: "@kbn/core-metrics-server-internal" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-metrics-server-internal plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-metrics-server-internal'] --- import kbnCoreMetricsServerInternalObj from './kbn_core_metrics_server_internal.devdocs.json'; diff --git a/api_docs/kbn_core_metrics_server_mocks.mdx b/api_docs/kbn_core_metrics_server_mocks.mdx index 52b920762fbe7..04bcdf30a541b 100644 --- a/api_docs/kbn_core_metrics_server_mocks.mdx +++ b/api_docs/kbn_core_metrics_server_mocks.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-metrics-server-mocks title: "@kbn/core-metrics-server-mocks" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-metrics-server-mocks plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-metrics-server-mocks'] --- import kbnCoreMetricsServerMocksObj from './kbn_core_metrics_server_mocks.devdocs.json'; diff --git a/api_docs/kbn_core_mount_utils_browser.mdx b/api_docs/kbn_core_mount_utils_browser.mdx index 218979ff31fc7..ca1f8c737bc4d 100644 --- a/api_docs/kbn_core_mount_utils_browser.mdx +++ b/api_docs/kbn_core_mount_utils_browser.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-mount-utils-browser title: "@kbn/core-mount-utils-browser" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-mount-utils-browser plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-mount-utils-browser'] --- import kbnCoreMountUtilsBrowserObj from './kbn_core_mount_utils_browser.devdocs.json'; diff --git a/api_docs/kbn_core_node_server.mdx b/api_docs/kbn_core_node_server.mdx index af7fe8e19e747..af8203ba16d6b 100644 --- a/api_docs/kbn_core_node_server.mdx +++ b/api_docs/kbn_core_node_server.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-node-server title: "@kbn/core-node-server" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-node-server plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-node-server'] --- import kbnCoreNodeServerObj from './kbn_core_node_server.devdocs.json'; diff --git a/api_docs/kbn_core_node_server_internal.mdx b/api_docs/kbn_core_node_server_internal.mdx index 227d7f6a58519..406099649b20c 100644 --- a/api_docs/kbn_core_node_server_internal.mdx +++ b/api_docs/kbn_core_node_server_internal.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-node-server-internal title: "@kbn/core-node-server-internal" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-node-server-internal plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-node-server-internal'] --- import kbnCoreNodeServerInternalObj from './kbn_core_node_server_internal.devdocs.json'; diff --git a/api_docs/kbn_core_node_server_mocks.mdx b/api_docs/kbn_core_node_server_mocks.mdx index 1e5650e079a85..4fd0ccf534623 100644 --- a/api_docs/kbn_core_node_server_mocks.mdx +++ b/api_docs/kbn_core_node_server_mocks.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-node-server-mocks title: "@kbn/core-node-server-mocks" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-node-server-mocks plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-node-server-mocks'] --- import kbnCoreNodeServerMocksObj from './kbn_core_node_server_mocks.devdocs.json'; diff --git a/api_docs/kbn_core_notifications_browser.mdx b/api_docs/kbn_core_notifications_browser.mdx index 293fe9f0658e1..3f328d5fd528a 100644 --- a/api_docs/kbn_core_notifications_browser.mdx +++ b/api_docs/kbn_core_notifications_browser.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-notifications-browser title: "@kbn/core-notifications-browser" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-notifications-browser plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-notifications-browser'] --- import kbnCoreNotificationsBrowserObj from './kbn_core_notifications_browser.devdocs.json'; diff --git a/api_docs/kbn_core_notifications_browser_internal.mdx b/api_docs/kbn_core_notifications_browser_internal.mdx index 7a253a4d4e978..67ed0a8bdbcc4 100644 --- a/api_docs/kbn_core_notifications_browser_internal.mdx +++ b/api_docs/kbn_core_notifications_browser_internal.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-notifications-browser-internal title: "@kbn/core-notifications-browser-internal" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-notifications-browser-internal plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-notifications-browser-internal'] --- import kbnCoreNotificationsBrowserInternalObj from './kbn_core_notifications_browser_internal.devdocs.json'; diff --git a/api_docs/kbn_core_notifications_browser_mocks.mdx b/api_docs/kbn_core_notifications_browser_mocks.mdx index b7cdd17426a7a..2db575f4214ff 100644 --- a/api_docs/kbn_core_notifications_browser_mocks.mdx +++ b/api_docs/kbn_core_notifications_browser_mocks.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-notifications-browser-mocks title: "@kbn/core-notifications-browser-mocks" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-notifications-browser-mocks plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-notifications-browser-mocks'] --- import kbnCoreNotificationsBrowserMocksObj from './kbn_core_notifications_browser_mocks.devdocs.json'; diff --git a/api_docs/kbn_core_overlays_browser.mdx b/api_docs/kbn_core_overlays_browser.mdx index c57c89038615e..65a9eea7ef721 100644 --- a/api_docs/kbn_core_overlays_browser.mdx +++ b/api_docs/kbn_core_overlays_browser.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-overlays-browser title: "@kbn/core-overlays-browser" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-overlays-browser plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-overlays-browser'] --- import kbnCoreOverlaysBrowserObj from './kbn_core_overlays_browser.devdocs.json'; diff --git a/api_docs/kbn_core_overlays_browser_internal.mdx b/api_docs/kbn_core_overlays_browser_internal.mdx index 4325967630cff..c903a18965096 100644 --- a/api_docs/kbn_core_overlays_browser_internal.mdx +++ b/api_docs/kbn_core_overlays_browser_internal.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-overlays-browser-internal title: "@kbn/core-overlays-browser-internal" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-overlays-browser-internal plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-overlays-browser-internal'] --- import kbnCoreOverlaysBrowserInternalObj from './kbn_core_overlays_browser_internal.devdocs.json'; diff --git a/api_docs/kbn_core_overlays_browser_mocks.mdx b/api_docs/kbn_core_overlays_browser_mocks.mdx index 0fd92eb1c5461..23ccca8c3830e 100644 --- a/api_docs/kbn_core_overlays_browser_mocks.mdx +++ b/api_docs/kbn_core_overlays_browser_mocks.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-overlays-browser-mocks title: "@kbn/core-overlays-browser-mocks" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-overlays-browser-mocks plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-overlays-browser-mocks'] --- import kbnCoreOverlaysBrowserMocksObj from './kbn_core_overlays_browser_mocks.devdocs.json'; diff --git a/api_docs/kbn_core_plugins_browser.mdx b/api_docs/kbn_core_plugins_browser.mdx index 32cf621c34cab..b16f285fe3142 100644 --- a/api_docs/kbn_core_plugins_browser.mdx +++ b/api_docs/kbn_core_plugins_browser.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-plugins-browser title: "@kbn/core-plugins-browser" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-plugins-browser plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-plugins-browser'] --- import kbnCorePluginsBrowserObj from './kbn_core_plugins_browser.devdocs.json'; diff --git a/api_docs/kbn_core_plugins_browser_mocks.mdx b/api_docs/kbn_core_plugins_browser_mocks.mdx index 49f4f3d274a4c..29b8824299f38 100644 --- a/api_docs/kbn_core_plugins_browser_mocks.mdx +++ b/api_docs/kbn_core_plugins_browser_mocks.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-plugins-browser-mocks title: "@kbn/core-plugins-browser-mocks" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-plugins-browser-mocks plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-plugins-browser-mocks'] --- import kbnCorePluginsBrowserMocksObj from './kbn_core_plugins_browser_mocks.devdocs.json'; diff --git a/api_docs/kbn_core_plugins_contracts_browser.mdx b/api_docs/kbn_core_plugins_contracts_browser.mdx index acf7337fec743..7f88e41b9d32d 100644 --- a/api_docs/kbn_core_plugins_contracts_browser.mdx +++ b/api_docs/kbn_core_plugins_contracts_browser.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-plugins-contracts-browser title: "@kbn/core-plugins-contracts-browser" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-plugins-contracts-browser plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-plugins-contracts-browser'] --- import kbnCorePluginsContractsBrowserObj from './kbn_core_plugins_contracts_browser.devdocs.json'; diff --git a/api_docs/kbn_core_plugins_contracts_server.mdx b/api_docs/kbn_core_plugins_contracts_server.mdx index 35bd5fc0b188e..5aa93ae65598f 100644 --- a/api_docs/kbn_core_plugins_contracts_server.mdx +++ b/api_docs/kbn_core_plugins_contracts_server.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-plugins-contracts-server title: "@kbn/core-plugins-contracts-server" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-plugins-contracts-server plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-plugins-contracts-server'] --- import kbnCorePluginsContractsServerObj from './kbn_core_plugins_contracts_server.devdocs.json'; diff --git a/api_docs/kbn_core_plugins_server.mdx b/api_docs/kbn_core_plugins_server.mdx index 880f5a199861f..6b7c1cb0e3e52 100644 --- a/api_docs/kbn_core_plugins_server.mdx +++ b/api_docs/kbn_core_plugins_server.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-plugins-server title: "@kbn/core-plugins-server" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-plugins-server plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-plugins-server'] --- import kbnCorePluginsServerObj from './kbn_core_plugins_server.devdocs.json'; diff --git a/api_docs/kbn_core_plugins_server_mocks.mdx b/api_docs/kbn_core_plugins_server_mocks.mdx index c2f1025126f7d..714f322fc6027 100644 --- a/api_docs/kbn_core_plugins_server_mocks.mdx +++ b/api_docs/kbn_core_plugins_server_mocks.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-plugins-server-mocks title: "@kbn/core-plugins-server-mocks" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-plugins-server-mocks plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-plugins-server-mocks'] --- import kbnCorePluginsServerMocksObj from './kbn_core_plugins_server_mocks.devdocs.json'; diff --git a/api_docs/kbn_core_preboot_server.mdx b/api_docs/kbn_core_preboot_server.mdx index 72a8de7fea2d5..7edc7d68323b6 100644 --- a/api_docs/kbn_core_preboot_server.mdx +++ b/api_docs/kbn_core_preboot_server.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-preboot-server title: "@kbn/core-preboot-server" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-preboot-server plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-preboot-server'] --- import kbnCorePrebootServerObj from './kbn_core_preboot_server.devdocs.json'; diff --git a/api_docs/kbn_core_preboot_server_mocks.mdx b/api_docs/kbn_core_preboot_server_mocks.mdx index 7379ba432d315..d063c725f3972 100644 --- a/api_docs/kbn_core_preboot_server_mocks.mdx +++ b/api_docs/kbn_core_preboot_server_mocks.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-preboot-server-mocks title: "@kbn/core-preboot-server-mocks" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-preboot-server-mocks plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-preboot-server-mocks'] --- import kbnCorePrebootServerMocksObj from './kbn_core_preboot_server_mocks.devdocs.json'; diff --git a/api_docs/kbn_core_rendering_browser_mocks.mdx b/api_docs/kbn_core_rendering_browser_mocks.mdx index 7a61372f6c497..07d54b4cb8684 100644 --- a/api_docs/kbn_core_rendering_browser_mocks.mdx +++ b/api_docs/kbn_core_rendering_browser_mocks.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-rendering-browser-mocks title: "@kbn/core-rendering-browser-mocks" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-rendering-browser-mocks plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-rendering-browser-mocks'] --- import kbnCoreRenderingBrowserMocksObj from './kbn_core_rendering_browser_mocks.devdocs.json'; diff --git a/api_docs/kbn_core_rendering_server_internal.mdx b/api_docs/kbn_core_rendering_server_internal.mdx index 52ebd954afd30..92820e3d64972 100644 --- a/api_docs/kbn_core_rendering_server_internal.mdx +++ b/api_docs/kbn_core_rendering_server_internal.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-rendering-server-internal title: "@kbn/core-rendering-server-internal" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-rendering-server-internal plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-rendering-server-internal'] --- import kbnCoreRenderingServerInternalObj from './kbn_core_rendering_server_internal.devdocs.json'; diff --git a/api_docs/kbn_core_rendering_server_mocks.mdx b/api_docs/kbn_core_rendering_server_mocks.mdx index 12f4aeb686c10..9079f89e087d9 100644 --- a/api_docs/kbn_core_rendering_server_mocks.mdx +++ b/api_docs/kbn_core_rendering_server_mocks.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-rendering-server-mocks title: "@kbn/core-rendering-server-mocks" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-rendering-server-mocks plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-rendering-server-mocks'] --- import kbnCoreRenderingServerMocksObj from './kbn_core_rendering_server_mocks.devdocs.json'; diff --git a/api_docs/kbn_core_root_server_internal.mdx b/api_docs/kbn_core_root_server_internal.mdx index a4fd7a6a7ae33..6218d4de657a8 100644 --- a/api_docs/kbn_core_root_server_internal.mdx +++ b/api_docs/kbn_core_root_server_internal.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-root-server-internal title: "@kbn/core-root-server-internal" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-root-server-internal plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-root-server-internal'] --- import kbnCoreRootServerInternalObj from './kbn_core_root_server_internal.devdocs.json'; diff --git a/api_docs/kbn_core_saved_objects_api_browser.devdocs.json b/api_docs/kbn_core_saved_objects_api_browser.devdocs.json index 910b548159b1f..9c52167b88c89 100644 --- a/api_docs/kbn_core_saved_objects_api_browser.devdocs.json +++ b/api_docs/kbn_core_saved_objects_api_browser.devdocs.json @@ -906,14 +906,6 @@ "plugin": "savedObjects", "path": "src/plugins/saved_objects/public/types.ts" }, - { - "plugin": "savedObjects", - "path": "src/plugins/saved_objects/public/saved_object/helpers/initialize_saved_object.ts" - }, - { - "plugin": "savedObjects", - "path": "src/plugins/saved_objects/public/saved_object/helpers/initialize_saved_object.ts" - }, { "plugin": "savedObjects", "path": "src/plugins/saved_objects/public/saved_object/helpers/find_object_by_title.ts" @@ -966,6 +958,14 @@ "plugin": "savedObjects", "path": "src/plugins/saved_objects/public/saved_object/helpers/find_object_by_title.test.ts" }, + { + "plugin": "savedObjects", + "path": "src/plugins/saved_objects/public/saved_object/helpers/initialize_saved_object.ts" + }, + { + "plugin": "savedObjects", + "path": "src/plugins/saved_objects/public/saved_object/helpers/initialize_saved_object.ts" + }, { "plugin": "savedObjects", "path": "src/plugins/saved_objects/public/saved_object/helpers/save_with_confirmation.test.ts" @@ -1046,18 +1046,6 @@ "plugin": "@kbn/core-saved-objects-browser-mocks", "path": "packages/core/saved-objects/core-saved-objects-browser-mocks/src/saved_objects_service.mock.ts" }, - { - "plugin": "savedObjects", - "path": "src/plugins/saved_objects/public/saved_object/helpers/create_source.ts" - }, - { - "plugin": "savedObjects", - "path": "src/plugins/saved_objects/public/saved_object/helpers/create_source.ts" - }, - { - "plugin": "savedObjects", - "path": "src/plugins/saved_objects/public/saved_object/helpers/save_saved_object.ts" - }, { "plugin": "savedObjects", "path": "src/plugins/saved_objects/public/saved_object/helpers/save_with_confirmation.ts" @@ -1068,35 +1056,15 @@ }, { "plugin": "savedObjects", - "path": "src/plugins/saved_objects/public/saved_object/saved_object.test.ts" - }, - { - "plugin": "savedObjects", - "path": "src/plugins/saved_objects/public/saved_object/saved_object.test.ts" - }, - { - "plugin": "savedObjects", - "path": "src/plugins/saved_objects/public/saved_object/saved_object.test.ts" - }, - { - "plugin": "savedObjects", - "path": "src/plugins/saved_objects/public/saved_object/saved_object.test.ts" - }, - { - "plugin": "savedObjects", - "path": "src/plugins/saved_objects/public/saved_object/saved_object.test.ts" - }, - { - "plugin": "savedObjects", - "path": "src/plugins/saved_objects/public/saved_object/saved_object.test.ts" + "path": "src/plugins/saved_objects/public/saved_object/helpers/create_source.ts" }, { "plugin": "savedObjects", - "path": "src/plugins/saved_objects/public/saved_object/saved_object.test.ts" + "path": "src/plugins/saved_objects/public/saved_object/helpers/create_source.ts" }, { "plugin": "savedObjects", - "path": "src/plugins/saved_objects/public/saved_object/saved_object.test.ts" + "path": "src/plugins/saved_objects/public/saved_object/helpers/save_saved_object.ts" }, { "plugin": "savedObjects", @@ -1370,10 +1338,6 @@ "plugin": "@kbn/core-saved-objects-browser-mocks", "path": "packages/core/saved-objects/core-saved-objects-browser-mocks/src/saved_objects_service.mock.ts" }, - { - "plugin": "savedObjects", - "path": "src/plugins/saved_objects/public/saved_object/helpers/build_saved_object.ts" - }, { "plugin": "visualizations", "path": "src/plugins/visualizations/public/visualize_app/components/visualize_listing.tsx" @@ -1623,10 +1587,6 @@ "plugin": "dashboardEnhanced", "path": "x-pack/plugins/dashboard_enhanced/public/services/drilldowns/abstract_dashboard_drilldown/components/collect_config_container.tsx" }, - { - "plugin": "savedObjects", - "path": "src/plugins/saved_objects/public/saved_object/saved_object.test.ts" - }, { "plugin": "savedObjects", "path": "src/plugins/saved_objects/public/saved_object/helpers/find_object_by_title.test.ts" @@ -1711,17 +1671,13 @@ "plugin": "@kbn/core-saved-objects-browser-mocks", "path": "packages/core/saved-objects/core-saved-objects-browser-mocks/src/saved_objects_service.mock.ts" }, - { - "plugin": "savedObjects", - "path": "src/plugins/saved_objects/public/saved_object/helpers/initialize_saved_object.ts" - }, { "plugin": "dashboardEnhanced", "path": "x-pack/plugins/dashboard_enhanced/public/services/drilldowns/abstract_dashboard_drilldown/components/collect_config_container.tsx" }, { "plugin": "savedObjects", - "path": "src/plugins/saved_objects/public/saved_object/saved_object.test.ts" + "path": "src/plugins/saved_objects/public/saved_object/helpers/initialize_saved_object.ts" }, { "plugin": "@kbn/core-saved-objects-browser-internal", @@ -1878,10 +1834,6 @@ "plugin": "@kbn/core-saved-objects-browser-mocks", "path": "packages/core/saved-objects/core-saved-objects-browser-mocks/src/saved_objects_service.mock.ts" }, - { - "plugin": "savedObjects", - "path": "src/plugins/saved_objects/public/saved_object/saved_object.test.ts" - }, { "plugin": "@kbn/core-saved-objects-browser-internal", "path": "packages/core/saved-objects/core-saved-objects-browser-internal/src/saved_objects_client.ts" @@ -2166,10 +2118,6 @@ "plugin": "@kbn/core-saved-objects-browser-mocks", "path": "packages/core/saved-objects/core-saved-objects-browser-mocks/src/saved_objects_service.mock.ts" }, - { - "plugin": "savedObjects", - "path": "src/plugins/saved_objects/public/saved_object/saved_object.test.ts" - }, { "plugin": "@kbn/core-saved-objects-browser-internal", "path": "packages/core/saved-objects/core-saved-objects-browser-internal/src/simple_saved_object.test.ts" @@ -3055,50 +3003,6 @@ "plugin": "eventAnnotation", "path": "src/plugins/event_annotation/public/event_annotation_service/service.test.ts" }, - { - "plugin": "savedObjects", - "path": "src/plugins/saved_objects/public/saved_object/saved_object.test.ts" - }, - { - "plugin": "savedObjects", - "path": "src/plugins/saved_objects/public/saved_object/saved_object.test.ts" - }, - { - "plugin": "savedObjects", - "path": "src/plugins/saved_objects/public/saved_object/saved_object.test.ts" - }, - { - "plugin": "savedObjects", - "path": "src/plugins/saved_objects/public/saved_object/saved_object.test.ts" - }, - { - "plugin": "savedObjects", - "path": "src/plugins/saved_objects/public/saved_object/saved_object.test.ts" - }, - { - "plugin": "savedObjects", - "path": "src/plugins/saved_objects/public/saved_object/saved_object.test.ts" - }, - { - "plugin": "savedObjects", - "path": "src/plugins/saved_objects/public/saved_object/saved_object.test.ts" - }, - { - "plugin": "savedObjects", - "path": "src/plugins/saved_objects/public/saved_object/saved_object.test.ts" - }, - { - "plugin": "savedObjects", - "path": "src/plugins/saved_objects/public/saved_object/saved_object.test.ts" - }, - { - "plugin": "savedObjects", - "path": "src/plugins/saved_objects/public/saved_object/saved_object.test.ts" - }, - { - "plugin": "savedObjects", - "path": "src/plugins/saved_objects/public/saved_object/saved_object.test.ts" - }, { "plugin": "visualizations", "path": "src/plugins/visualizations/public/utils/saved_objects_utils/find_object_by_title.test.ts" diff --git a/api_docs/kbn_core_saved_objects_api_browser.mdx b/api_docs/kbn_core_saved_objects_api_browser.mdx index ef6ae34fe7fb2..1633a36f8c337 100644 --- a/api_docs/kbn_core_saved_objects_api_browser.mdx +++ b/api_docs/kbn_core_saved_objects_api_browser.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-saved-objects-api-browser title: "@kbn/core-saved-objects-api-browser" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-saved-objects-api-browser plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-saved-objects-api-browser'] --- import kbnCoreSavedObjectsApiBrowserObj from './kbn_core_saved_objects_api_browser.devdocs.json'; diff --git a/api_docs/kbn_core_saved_objects_api_server.mdx b/api_docs/kbn_core_saved_objects_api_server.mdx index 6e0acbec6b85f..ad0fe6b3c998a 100644 --- a/api_docs/kbn_core_saved_objects_api_server.mdx +++ b/api_docs/kbn_core_saved_objects_api_server.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-saved-objects-api-server title: "@kbn/core-saved-objects-api-server" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-saved-objects-api-server plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-saved-objects-api-server'] --- import kbnCoreSavedObjectsApiServerObj from './kbn_core_saved_objects_api_server.devdocs.json'; diff --git a/api_docs/kbn_core_saved_objects_api_server_mocks.mdx b/api_docs/kbn_core_saved_objects_api_server_mocks.mdx index baf5fa1b3c012..6fab97d53cfcc 100644 --- a/api_docs/kbn_core_saved_objects_api_server_mocks.mdx +++ b/api_docs/kbn_core_saved_objects_api_server_mocks.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-saved-objects-api-server-mocks title: "@kbn/core-saved-objects-api-server-mocks" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-saved-objects-api-server-mocks plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-saved-objects-api-server-mocks'] --- import kbnCoreSavedObjectsApiServerMocksObj from './kbn_core_saved_objects_api_server_mocks.devdocs.json'; diff --git a/api_docs/kbn_core_saved_objects_base_server_internal.mdx b/api_docs/kbn_core_saved_objects_base_server_internal.mdx index cdd5aa9c2012f..7d9cef51ef466 100644 --- a/api_docs/kbn_core_saved_objects_base_server_internal.mdx +++ b/api_docs/kbn_core_saved_objects_base_server_internal.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-saved-objects-base-server-internal title: "@kbn/core-saved-objects-base-server-internal" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-saved-objects-base-server-internal plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-saved-objects-base-server-internal'] --- import kbnCoreSavedObjectsBaseServerInternalObj from './kbn_core_saved_objects_base_server_internal.devdocs.json'; diff --git a/api_docs/kbn_core_saved_objects_base_server_mocks.mdx b/api_docs/kbn_core_saved_objects_base_server_mocks.mdx index b3f47b74192a0..25fc98860f37d 100644 --- a/api_docs/kbn_core_saved_objects_base_server_mocks.mdx +++ b/api_docs/kbn_core_saved_objects_base_server_mocks.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-saved-objects-base-server-mocks title: "@kbn/core-saved-objects-base-server-mocks" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-saved-objects-base-server-mocks plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-saved-objects-base-server-mocks'] --- import kbnCoreSavedObjectsBaseServerMocksObj from './kbn_core_saved_objects_base_server_mocks.devdocs.json'; diff --git a/api_docs/kbn_core_saved_objects_browser.mdx b/api_docs/kbn_core_saved_objects_browser.mdx index ad0c6561409e5..19c1c438ef70a 100644 --- a/api_docs/kbn_core_saved_objects_browser.mdx +++ b/api_docs/kbn_core_saved_objects_browser.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-saved-objects-browser title: "@kbn/core-saved-objects-browser" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-saved-objects-browser plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-saved-objects-browser'] --- import kbnCoreSavedObjectsBrowserObj from './kbn_core_saved_objects_browser.devdocs.json'; diff --git a/api_docs/kbn_core_saved_objects_browser_internal.mdx b/api_docs/kbn_core_saved_objects_browser_internal.mdx index fcb23d250cb68..8530211f6f79f 100644 --- a/api_docs/kbn_core_saved_objects_browser_internal.mdx +++ b/api_docs/kbn_core_saved_objects_browser_internal.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-saved-objects-browser-internal title: "@kbn/core-saved-objects-browser-internal" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-saved-objects-browser-internal plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-saved-objects-browser-internal'] --- import kbnCoreSavedObjectsBrowserInternalObj from './kbn_core_saved_objects_browser_internal.devdocs.json'; diff --git a/api_docs/kbn_core_saved_objects_browser_mocks.mdx b/api_docs/kbn_core_saved_objects_browser_mocks.mdx index a7febcbf41a4b..a4b2fc329a2ae 100644 --- a/api_docs/kbn_core_saved_objects_browser_mocks.mdx +++ b/api_docs/kbn_core_saved_objects_browser_mocks.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-saved-objects-browser-mocks title: "@kbn/core-saved-objects-browser-mocks" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-saved-objects-browser-mocks plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-saved-objects-browser-mocks'] --- import kbnCoreSavedObjectsBrowserMocksObj from './kbn_core_saved_objects_browser_mocks.devdocs.json'; diff --git a/api_docs/kbn_core_saved_objects_common.devdocs.json b/api_docs/kbn_core_saved_objects_common.devdocs.json index 0f46f3e03e417..da1b2ea8a0cf1 100644 --- a/api_docs/kbn_core_saved_objects_common.devdocs.json +++ b/api_docs/kbn_core_saved_objects_common.devdocs.json @@ -1588,12 +1588,20 @@ "path": "src/core/public/index.ts" }, { - "plugin": "savedObjects", - "path": "src/plugins/saved_objects/public/types.ts" + "plugin": "embeddable", + "path": "src/plugins/embeddable/public/lib/embeddables/default_embeddable_factory_provider.ts" }, { - "plugin": "savedObjects", - "path": "src/plugins/saved_objects/public/types.ts" + "plugin": "embeddable", + "path": "src/plugins/embeddable/public/lib/embeddables/default_embeddable_factory_provider.ts" + }, + { + "plugin": "embeddable", + "path": "src/plugins/embeddable/public/types.ts" + }, + { + "plugin": "embeddable", + "path": "src/plugins/embeddable/public/types.ts" }, { "plugin": "savedObjects", @@ -1609,11 +1617,11 @@ }, { "plugin": "savedObjects", - "path": "src/plugins/saved_objects/public/saved_object/helpers/create_source.ts" + "path": "src/plugins/saved_objects/public/types.ts" }, { "plugin": "savedObjects", - "path": "src/plugins/saved_objects/public/saved_object/helpers/create_source.ts" + "path": "src/plugins/saved_objects/public/types.ts" }, { "plugin": "savedObjects", @@ -1632,20 +1640,12 @@ "path": "src/plugins/saved_objects/public/saved_object/helpers/save_with_confirmation.ts" }, { - "plugin": "embeddable", - "path": "src/plugins/embeddable/public/lib/embeddables/default_embeddable_factory_provider.ts" - }, - { - "plugin": "embeddable", - "path": "src/plugins/embeddable/public/lib/embeddables/default_embeddable_factory_provider.ts" - }, - { - "plugin": "embeddable", - "path": "src/plugins/embeddable/public/types.ts" + "plugin": "savedObjects", + "path": "src/plugins/saved_objects/public/saved_object/helpers/create_source.ts" }, { - "plugin": "embeddable", - "path": "src/plugins/embeddable/public/types.ts" + "plugin": "savedObjects", + "path": "src/plugins/saved_objects/public/saved_object/helpers/create_source.ts" }, { "plugin": "visualizations", @@ -1695,50 +1695,6 @@ "plugin": "graph", "path": "x-pack/plugins/graph/public/helpers/saved_workspace_utils.ts" }, - { - "plugin": "savedObjects", - "path": "src/plugins/saved_objects/public/saved_object/saved_object.test.ts" - }, - { - "plugin": "savedObjects", - "path": "src/plugins/saved_objects/public/saved_object/saved_object.test.ts" - }, - { - "plugin": "savedObjects", - "path": "src/plugins/saved_objects/public/saved_object/saved_object.test.ts" - }, - { - "plugin": "savedObjects", - "path": "src/plugins/saved_objects/public/saved_object/saved_object.test.ts" - }, - { - "plugin": "savedObjects", - "path": "src/plugins/saved_objects/public/saved_object/saved_object.test.ts" - }, - { - "plugin": "savedObjects", - "path": "src/plugins/saved_objects/public/saved_object/saved_object.test.ts" - }, - { - "plugin": "savedObjects", - "path": "src/plugins/saved_objects/public/saved_object/saved_object.test.ts" - }, - { - "plugin": "savedObjects", - "path": "src/plugins/saved_objects/public/saved_object/saved_object.test.ts" - }, - { - "plugin": "savedObjects", - "path": "src/plugins/saved_objects/public/saved_object/saved_object.test.ts" - }, - { - "plugin": "savedObjects", - "path": "src/plugins/saved_objects/public/saved_object/saved_object.test.ts" - }, - { - "plugin": "savedObjects", - "path": "src/plugins/saved_objects/public/saved_object/saved_object.test.ts" - }, { "plugin": "savedObjects", "path": "src/plugins/saved_objects/public/saved_object/helpers/save_with_confirmation.test.ts" @@ -1843,12 +1799,12 @@ "path": "src/core/public/index.ts" }, { - "plugin": "savedObjects", - "path": "src/plugins/saved_objects/public/types.ts" + "plugin": "savedObjectsManagement", + "path": "src/plugins/saved_objects_management/public/services/types/record.ts" }, { - "plugin": "savedObjects", - "path": "src/plugins/saved_objects/public/types.ts" + "plugin": "savedObjectsManagement", + "path": "src/plugins/saved_objects_management/public/services/types/record.ts" }, { "plugin": "savedObjects", @@ -1867,12 +1823,12 @@ "path": "src/plugins/saved_objects/public/types.ts" }, { - "plugin": "savedObjectsManagement", - "path": "src/plugins/saved_objects_management/public/services/types/record.ts" + "plugin": "savedObjects", + "path": "src/plugins/saved_objects/public/types.ts" }, { - "plugin": "savedObjectsManagement", - "path": "src/plugins/saved_objects_management/public/services/types/record.ts" + "plugin": "savedObjects", + "path": "src/plugins/saved_objects/public/types.ts" }, { "plugin": "visualizations", @@ -2202,38 +2158,6 @@ "plugin": "dashboard", "path": "src/plugins/dashboard/common/bwc/types.ts" }, - { - "plugin": "savedObjectsTaggingOss", - "path": "src/plugins/saved_objects_tagging_oss/public/decorator/extract_tag_references.test.ts" - }, - { - "plugin": "savedObjectsTaggingOss", - "path": "src/plugins/saved_objects_tagging_oss/public/decorator/extract_tag_references.test.ts" - }, - { - "plugin": "savedObjectsTaggingOss", - "path": "src/plugins/saved_objects_tagging_oss/public/decorator/extract_tag_references.test.ts" - }, - { - "plugin": "savedObjectsTaggingOss", - "path": "src/plugins/saved_objects_tagging_oss/public/decorator/extract_tag_references.test.ts" - }, - { - "plugin": "savedObjectsTaggingOss", - "path": "src/plugins/saved_objects_tagging_oss/public/decorator/extract_tag_references.test.ts" - }, - { - "plugin": "savedObjectsTaggingOss", - "path": "src/plugins/saved_objects_tagging_oss/public/decorator/extract_tag_references.test.ts" - }, - { - "plugin": "savedObjectsTaggingOss", - "path": "src/plugins/saved_objects_tagging_oss/public/decorator/inject_tag_references.test.ts" - }, - { - "plugin": "savedObjectsTaggingOss", - "path": "src/plugins/saved_objects_tagging_oss/public/decorator/inject_tag_references.test.ts" - }, { "plugin": "@kbn/core", "path": "src/core/types/index.ts" diff --git a/api_docs/kbn_core_saved_objects_common.mdx b/api_docs/kbn_core_saved_objects_common.mdx index 85ea8df422479..40f466e485ddd 100644 --- a/api_docs/kbn_core_saved_objects_common.mdx +++ b/api_docs/kbn_core_saved_objects_common.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-saved-objects-common title: "@kbn/core-saved-objects-common" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-saved-objects-common plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-saved-objects-common'] --- import kbnCoreSavedObjectsCommonObj from './kbn_core_saved_objects_common.devdocs.json'; diff --git a/api_docs/kbn_core_saved_objects_import_export_server_internal.mdx b/api_docs/kbn_core_saved_objects_import_export_server_internal.mdx index 183db1bf3bc09..7f8c90761846f 100644 --- a/api_docs/kbn_core_saved_objects_import_export_server_internal.mdx +++ b/api_docs/kbn_core_saved_objects_import_export_server_internal.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-saved-objects-import-export-server-internal title: "@kbn/core-saved-objects-import-export-server-internal" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-saved-objects-import-export-server-internal plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-saved-objects-import-export-server-internal'] --- import kbnCoreSavedObjectsImportExportServerInternalObj from './kbn_core_saved_objects_import_export_server_internal.devdocs.json'; diff --git a/api_docs/kbn_core_saved_objects_import_export_server_mocks.mdx b/api_docs/kbn_core_saved_objects_import_export_server_mocks.mdx index a0d0f3383026a..5f823a88de866 100644 --- a/api_docs/kbn_core_saved_objects_import_export_server_mocks.mdx +++ b/api_docs/kbn_core_saved_objects_import_export_server_mocks.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-saved-objects-import-export-server-mocks title: "@kbn/core-saved-objects-import-export-server-mocks" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-saved-objects-import-export-server-mocks plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-saved-objects-import-export-server-mocks'] --- import kbnCoreSavedObjectsImportExportServerMocksObj from './kbn_core_saved_objects_import_export_server_mocks.devdocs.json'; diff --git a/api_docs/kbn_core_saved_objects_migration_server_internal.mdx b/api_docs/kbn_core_saved_objects_migration_server_internal.mdx index 79b2f88a87ceb..6486972bba111 100644 --- a/api_docs/kbn_core_saved_objects_migration_server_internal.mdx +++ b/api_docs/kbn_core_saved_objects_migration_server_internal.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-saved-objects-migration-server-internal title: "@kbn/core-saved-objects-migration-server-internal" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-saved-objects-migration-server-internal plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-saved-objects-migration-server-internal'] --- import kbnCoreSavedObjectsMigrationServerInternalObj from './kbn_core_saved_objects_migration_server_internal.devdocs.json'; diff --git a/api_docs/kbn_core_saved_objects_migration_server_mocks.mdx b/api_docs/kbn_core_saved_objects_migration_server_mocks.mdx index 3cac016901f49..71154fc04758b 100644 --- a/api_docs/kbn_core_saved_objects_migration_server_mocks.mdx +++ b/api_docs/kbn_core_saved_objects_migration_server_mocks.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-saved-objects-migration-server-mocks title: "@kbn/core-saved-objects-migration-server-mocks" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-saved-objects-migration-server-mocks plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-saved-objects-migration-server-mocks'] --- import kbnCoreSavedObjectsMigrationServerMocksObj from './kbn_core_saved_objects_migration_server_mocks.devdocs.json'; diff --git a/api_docs/kbn_core_saved_objects_server.mdx b/api_docs/kbn_core_saved_objects_server.mdx index 3222ed47c2a67..f8ccda3f7d1bb 100644 --- a/api_docs/kbn_core_saved_objects_server.mdx +++ b/api_docs/kbn_core_saved_objects_server.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-saved-objects-server title: "@kbn/core-saved-objects-server" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-saved-objects-server plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-saved-objects-server'] --- import kbnCoreSavedObjectsServerObj from './kbn_core_saved_objects_server.devdocs.json'; diff --git a/api_docs/kbn_core_saved_objects_server_internal.mdx b/api_docs/kbn_core_saved_objects_server_internal.mdx index ac9bac4acd090..a55da08ff21ba 100644 --- a/api_docs/kbn_core_saved_objects_server_internal.mdx +++ b/api_docs/kbn_core_saved_objects_server_internal.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-saved-objects-server-internal title: "@kbn/core-saved-objects-server-internal" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-saved-objects-server-internal plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-saved-objects-server-internal'] --- import kbnCoreSavedObjectsServerInternalObj from './kbn_core_saved_objects_server_internal.devdocs.json'; diff --git a/api_docs/kbn_core_saved_objects_server_mocks.mdx b/api_docs/kbn_core_saved_objects_server_mocks.mdx index f6db8b2f291af..17869c68b780e 100644 --- a/api_docs/kbn_core_saved_objects_server_mocks.mdx +++ b/api_docs/kbn_core_saved_objects_server_mocks.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-saved-objects-server-mocks title: "@kbn/core-saved-objects-server-mocks" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-saved-objects-server-mocks plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-saved-objects-server-mocks'] --- import kbnCoreSavedObjectsServerMocksObj from './kbn_core_saved_objects_server_mocks.devdocs.json'; diff --git a/api_docs/kbn_core_saved_objects_utils_server.mdx b/api_docs/kbn_core_saved_objects_utils_server.mdx index c8ae50e55ecb2..e97cdfbaa797c 100644 --- a/api_docs/kbn_core_saved_objects_utils_server.mdx +++ b/api_docs/kbn_core_saved_objects_utils_server.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-saved-objects-utils-server title: "@kbn/core-saved-objects-utils-server" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-saved-objects-utils-server plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-saved-objects-utils-server'] --- import kbnCoreSavedObjectsUtilsServerObj from './kbn_core_saved_objects_utils_server.devdocs.json'; diff --git a/api_docs/kbn_core_security_browser.mdx b/api_docs/kbn_core_security_browser.mdx index 9c4e71a7025e8..5b0dd0a3cc671 100644 --- a/api_docs/kbn_core_security_browser.mdx +++ b/api_docs/kbn_core_security_browser.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-security-browser title: "@kbn/core-security-browser" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-security-browser plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-security-browser'] --- import kbnCoreSecurityBrowserObj from './kbn_core_security_browser.devdocs.json'; diff --git a/api_docs/kbn_core_security_browser_internal.mdx b/api_docs/kbn_core_security_browser_internal.mdx index 0ab0ee9c212c1..ca57c9be043ad 100644 --- a/api_docs/kbn_core_security_browser_internal.mdx +++ b/api_docs/kbn_core_security_browser_internal.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-security-browser-internal title: "@kbn/core-security-browser-internal" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-security-browser-internal plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-security-browser-internal'] --- import kbnCoreSecurityBrowserInternalObj from './kbn_core_security_browser_internal.devdocs.json'; diff --git a/api_docs/kbn_core_security_browser_mocks.mdx b/api_docs/kbn_core_security_browser_mocks.mdx index afd04a105f1db..ce45682d04a39 100644 --- a/api_docs/kbn_core_security_browser_mocks.mdx +++ b/api_docs/kbn_core_security_browser_mocks.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-security-browser-mocks title: "@kbn/core-security-browser-mocks" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-security-browser-mocks plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-security-browser-mocks'] --- import kbnCoreSecurityBrowserMocksObj from './kbn_core_security_browser_mocks.devdocs.json'; diff --git a/api_docs/kbn_core_security_common.mdx b/api_docs/kbn_core_security_common.mdx index d353a9c2b523b..587556bc1fed6 100644 --- a/api_docs/kbn_core_security_common.mdx +++ b/api_docs/kbn_core_security_common.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-security-common title: "@kbn/core-security-common" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-security-common plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-security-common'] --- import kbnCoreSecurityCommonObj from './kbn_core_security_common.devdocs.json'; diff --git a/api_docs/kbn_core_security_server.mdx b/api_docs/kbn_core_security_server.mdx index 24b5bcfc91c68..d5720cf4d8ee0 100644 --- a/api_docs/kbn_core_security_server.mdx +++ b/api_docs/kbn_core_security_server.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-security-server title: "@kbn/core-security-server" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-security-server plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-security-server'] --- import kbnCoreSecurityServerObj from './kbn_core_security_server.devdocs.json'; diff --git a/api_docs/kbn_core_security_server_internal.mdx b/api_docs/kbn_core_security_server_internal.mdx index 31ac9a9c160d4..3bc87b9b6b31a 100644 --- a/api_docs/kbn_core_security_server_internal.mdx +++ b/api_docs/kbn_core_security_server_internal.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-security-server-internal title: "@kbn/core-security-server-internal" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-security-server-internal plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-security-server-internal'] --- import kbnCoreSecurityServerInternalObj from './kbn_core_security_server_internal.devdocs.json'; diff --git a/api_docs/kbn_core_security_server_mocks.mdx b/api_docs/kbn_core_security_server_mocks.mdx index 813c10bea560b..d8fd38089b569 100644 --- a/api_docs/kbn_core_security_server_mocks.mdx +++ b/api_docs/kbn_core_security_server_mocks.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-security-server-mocks title: "@kbn/core-security-server-mocks" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-security-server-mocks plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-security-server-mocks'] --- import kbnCoreSecurityServerMocksObj from './kbn_core_security_server_mocks.devdocs.json'; diff --git a/api_docs/kbn_core_status_common.mdx b/api_docs/kbn_core_status_common.mdx index 74afc99042dd7..437af097eb034 100644 --- a/api_docs/kbn_core_status_common.mdx +++ b/api_docs/kbn_core_status_common.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-status-common title: "@kbn/core-status-common" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-status-common plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-status-common'] --- import kbnCoreStatusCommonObj from './kbn_core_status_common.devdocs.json'; diff --git a/api_docs/kbn_core_status_common_internal.mdx b/api_docs/kbn_core_status_common_internal.mdx index d6fa421bd715d..47a7a13a2f986 100644 --- a/api_docs/kbn_core_status_common_internal.mdx +++ b/api_docs/kbn_core_status_common_internal.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-status-common-internal title: "@kbn/core-status-common-internal" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-status-common-internal plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-status-common-internal'] --- import kbnCoreStatusCommonInternalObj from './kbn_core_status_common_internal.devdocs.json'; diff --git a/api_docs/kbn_core_status_server.mdx b/api_docs/kbn_core_status_server.mdx index 838543bb56e4a..261c01f4b8d54 100644 --- a/api_docs/kbn_core_status_server.mdx +++ b/api_docs/kbn_core_status_server.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-status-server title: "@kbn/core-status-server" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-status-server plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-status-server'] --- import kbnCoreStatusServerObj from './kbn_core_status_server.devdocs.json'; diff --git a/api_docs/kbn_core_status_server_internal.mdx b/api_docs/kbn_core_status_server_internal.mdx index c5b80b2fc4937..8c16ca745633d 100644 --- a/api_docs/kbn_core_status_server_internal.mdx +++ b/api_docs/kbn_core_status_server_internal.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-status-server-internal title: "@kbn/core-status-server-internal" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-status-server-internal plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-status-server-internal'] --- import kbnCoreStatusServerInternalObj from './kbn_core_status_server_internal.devdocs.json'; diff --git a/api_docs/kbn_core_status_server_mocks.mdx b/api_docs/kbn_core_status_server_mocks.mdx index 43a04efe19a16..a2c3da7cb79d0 100644 --- a/api_docs/kbn_core_status_server_mocks.mdx +++ b/api_docs/kbn_core_status_server_mocks.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-status-server-mocks title: "@kbn/core-status-server-mocks" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-status-server-mocks plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-status-server-mocks'] --- import kbnCoreStatusServerMocksObj from './kbn_core_status_server_mocks.devdocs.json'; diff --git a/api_docs/kbn_core_test_helpers_deprecations_getters.mdx b/api_docs/kbn_core_test_helpers_deprecations_getters.mdx index a27bfd67a5878..05beae7a392b8 100644 --- a/api_docs/kbn_core_test_helpers_deprecations_getters.mdx +++ b/api_docs/kbn_core_test_helpers_deprecations_getters.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-test-helpers-deprecations-getters title: "@kbn/core-test-helpers-deprecations-getters" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-test-helpers-deprecations-getters plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-test-helpers-deprecations-getters'] --- import kbnCoreTestHelpersDeprecationsGettersObj from './kbn_core_test_helpers_deprecations_getters.devdocs.json'; diff --git a/api_docs/kbn_core_test_helpers_http_setup_browser.mdx b/api_docs/kbn_core_test_helpers_http_setup_browser.mdx index 9797e8efd6441..35fe4ef4201ba 100644 --- a/api_docs/kbn_core_test_helpers_http_setup_browser.mdx +++ b/api_docs/kbn_core_test_helpers_http_setup_browser.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-test-helpers-http-setup-browser title: "@kbn/core-test-helpers-http-setup-browser" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-test-helpers-http-setup-browser plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-test-helpers-http-setup-browser'] --- import kbnCoreTestHelpersHttpSetupBrowserObj from './kbn_core_test_helpers_http_setup_browser.devdocs.json'; diff --git a/api_docs/kbn_core_test_helpers_kbn_server.mdx b/api_docs/kbn_core_test_helpers_kbn_server.mdx index 488ab75c77f46..390b950a797c9 100644 --- a/api_docs/kbn_core_test_helpers_kbn_server.mdx +++ b/api_docs/kbn_core_test_helpers_kbn_server.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-test-helpers-kbn-server title: "@kbn/core-test-helpers-kbn-server" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-test-helpers-kbn-server plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-test-helpers-kbn-server'] --- import kbnCoreTestHelpersKbnServerObj from './kbn_core_test_helpers_kbn_server.devdocs.json'; diff --git a/api_docs/kbn_core_test_helpers_model_versions.mdx b/api_docs/kbn_core_test_helpers_model_versions.mdx index a3cc6ea4fad3c..10b31a192613c 100644 --- a/api_docs/kbn_core_test_helpers_model_versions.mdx +++ b/api_docs/kbn_core_test_helpers_model_versions.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-test-helpers-model-versions title: "@kbn/core-test-helpers-model-versions" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-test-helpers-model-versions plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-test-helpers-model-versions'] --- import kbnCoreTestHelpersModelVersionsObj from './kbn_core_test_helpers_model_versions.devdocs.json'; diff --git a/api_docs/kbn_core_test_helpers_so_type_serializer.mdx b/api_docs/kbn_core_test_helpers_so_type_serializer.mdx index f8874ce76e1b7..ae560d98dea8e 100644 --- a/api_docs/kbn_core_test_helpers_so_type_serializer.mdx +++ b/api_docs/kbn_core_test_helpers_so_type_serializer.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-test-helpers-so-type-serializer title: "@kbn/core-test-helpers-so-type-serializer" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-test-helpers-so-type-serializer plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-test-helpers-so-type-serializer'] --- import kbnCoreTestHelpersSoTypeSerializerObj from './kbn_core_test_helpers_so_type_serializer.devdocs.json'; diff --git a/api_docs/kbn_core_test_helpers_test_utils.mdx b/api_docs/kbn_core_test_helpers_test_utils.mdx index 2319a612e64e5..10da68c7c119c 100644 --- a/api_docs/kbn_core_test_helpers_test_utils.mdx +++ b/api_docs/kbn_core_test_helpers_test_utils.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-test-helpers-test-utils title: "@kbn/core-test-helpers-test-utils" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-test-helpers-test-utils plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-test-helpers-test-utils'] --- import kbnCoreTestHelpersTestUtilsObj from './kbn_core_test_helpers_test_utils.devdocs.json'; diff --git a/api_docs/kbn_core_theme_browser.mdx b/api_docs/kbn_core_theme_browser.mdx index 59f15638d97b2..8e04d58b85fa2 100644 --- a/api_docs/kbn_core_theme_browser.mdx +++ b/api_docs/kbn_core_theme_browser.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-theme-browser title: "@kbn/core-theme-browser" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-theme-browser plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-theme-browser'] --- import kbnCoreThemeBrowserObj from './kbn_core_theme_browser.devdocs.json'; diff --git a/api_docs/kbn_core_theme_browser_mocks.mdx b/api_docs/kbn_core_theme_browser_mocks.mdx index 8639a38de2794..a609e539c7caa 100644 --- a/api_docs/kbn_core_theme_browser_mocks.mdx +++ b/api_docs/kbn_core_theme_browser_mocks.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-theme-browser-mocks title: "@kbn/core-theme-browser-mocks" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-theme-browser-mocks plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-theme-browser-mocks'] --- import kbnCoreThemeBrowserMocksObj from './kbn_core_theme_browser_mocks.devdocs.json'; diff --git a/api_docs/kbn_core_ui_settings_browser.mdx b/api_docs/kbn_core_ui_settings_browser.mdx index a98c7c5327526..628bd1977ccb8 100644 --- a/api_docs/kbn_core_ui_settings_browser.mdx +++ b/api_docs/kbn_core_ui_settings_browser.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-ui-settings-browser title: "@kbn/core-ui-settings-browser" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-ui-settings-browser plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-ui-settings-browser'] --- import kbnCoreUiSettingsBrowserObj from './kbn_core_ui_settings_browser.devdocs.json'; diff --git a/api_docs/kbn_core_ui_settings_browser_internal.mdx b/api_docs/kbn_core_ui_settings_browser_internal.mdx index 1c6733f6168d8..e9ccf2a9746bc 100644 --- a/api_docs/kbn_core_ui_settings_browser_internal.mdx +++ b/api_docs/kbn_core_ui_settings_browser_internal.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-ui-settings-browser-internal title: "@kbn/core-ui-settings-browser-internal" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-ui-settings-browser-internal plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-ui-settings-browser-internal'] --- import kbnCoreUiSettingsBrowserInternalObj from './kbn_core_ui_settings_browser_internal.devdocs.json'; diff --git a/api_docs/kbn_core_ui_settings_browser_mocks.mdx b/api_docs/kbn_core_ui_settings_browser_mocks.mdx index dc28783a5a3b8..818a098a0efe6 100644 --- a/api_docs/kbn_core_ui_settings_browser_mocks.mdx +++ b/api_docs/kbn_core_ui_settings_browser_mocks.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-ui-settings-browser-mocks title: "@kbn/core-ui-settings-browser-mocks" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-ui-settings-browser-mocks plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-ui-settings-browser-mocks'] --- import kbnCoreUiSettingsBrowserMocksObj from './kbn_core_ui_settings_browser_mocks.devdocs.json'; diff --git a/api_docs/kbn_core_ui_settings_common.mdx b/api_docs/kbn_core_ui_settings_common.mdx index ae084b9ccaba1..d0a835c7a8249 100644 --- a/api_docs/kbn_core_ui_settings_common.mdx +++ b/api_docs/kbn_core_ui_settings_common.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-ui-settings-common title: "@kbn/core-ui-settings-common" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-ui-settings-common plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-ui-settings-common'] --- import kbnCoreUiSettingsCommonObj from './kbn_core_ui_settings_common.devdocs.json'; diff --git a/api_docs/kbn_core_ui_settings_server.mdx b/api_docs/kbn_core_ui_settings_server.mdx index 267e0e4e4bfc8..b9d6c66e2a498 100644 --- a/api_docs/kbn_core_ui_settings_server.mdx +++ b/api_docs/kbn_core_ui_settings_server.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-ui-settings-server title: "@kbn/core-ui-settings-server" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-ui-settings-server plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-ui-settings-server'] --- import kbnCoreUiSettingsServerObj from './kbn_core_ui_settings_server.devdocs.json'; diff --git a/api_docs/kbn_core_ui_settings_server_internal.mdx b/api_docs/kbn_core_ui_settings_server_internal.mdx index b2f3c4053e77a..88773a76d6a16 100644 --- a/api_docs/kbn_core_ui_settings_server_internal.mdx +++ b/api_docs/kbn_core_ui_settings_server_internal.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-ui-settings-server-internal title: "@kbn/core-ui-settings-server-internal" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-ui-settings-server-internal plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-ui-settings-server-internal'] --- import kbnCoreUiSettingsServerInternalObj from './kbn_core_ui_settings_server_internal.devdocs.json'; diff --git a/api_docs/kbn_core_ui_settings_server_mocks.mdx b/api_docs/kbn_core_ui_settings_server_mocks.mdx index 0138052aface8..af896fd4460f4 100644 --- a/api_docs/kbn_core_ui_settings_server_mocks.mdx +++ b/api_docs/kbn_core_ui_settings_server_mocks.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-ui-settings-server-mocks title: "@kbn/core-ui-settings-server-mocks" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-ui-settings-server-mocks plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-ui-settings-server-mocks'] --- import kbnCoreUiSettingsServerMocksObj from './kbn_core_ui_settings_server_mocks.devdocs.json'; diff --git a/api_docs/kbn_core_usage_data_server.mdx b/api_docs/kbn_core_usage_data_server.mdx index 23e208f2e7f89..65a647a301dd5 100644 --- a/api_docs/kbn_core_usage_data_server.mdx +++ b/api_docs/kbn_core_usage_data_server.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-usage-data-server title: "@kbn/core-usage-data-server" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-usage-data-server plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-usage-data-server'] --- import kbnCoreUsageDataServerObj from './kbn_core_usage_data_server.devdocs.json'; diff --git a/api_docs/kbn_core_usage_data_server_internal.mdx b/api_docs/kbn_core_usage_data_server_internal.mdx index 03b49ca093c2c..9d32d0d062140 100644 --- a/api_docs/kbn_core_usage_data_server_internal.mdx +++ b/api_docs/kbn_core_usage_data_server_internal.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-usage-data-server-internal title: "@kbn/core-usage-data-server-internal" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-usage-data-server-internal plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-usage-data-server-internal'] --- import kbnCoreUsageDataServerInternalObj from './kbn_core_usage_data_server_internal.devdocs.json'; diff --git a/api_docs/kbn_core_usage_data_server_mocks.mdx b/api_docs/kbn_core_usage_data_server_mocks.mdx index 2ab7bd0f61d84..7f9476d3b0512 100644 --- a/api_docs/kbn_core_usage_data_server_mocks.mdx +++ b/api_docs/kbn_core_usage_data_server_mocks.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-usage-data-server-mocks title: "@kbn/core-usage-data-server-mocks" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-usage-data-server-mocks plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-usage-data-server-mocks'] --- import kbnCoreUsageDataServerMocksObj from './kbn_core_usage_data_server_mocks.devdocs.json'; diff --git a/api_docs/kbn_core_user_profile_browser.mdx b/api_docs/kbn_core_user_profile_browser.mdx index f91a24a336c01..ad6ddaf9454a8 100644 --- a/api_docs/kbn_core_user_profile_browser.mdx +++ b/api_docs/kbn_core_user_profile_browser.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-user-profile-browser title: "@kbn/core-user-profile-browser" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-user-profile-browser plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-user-profile-browser'] --- import kbnCoreUserProfileBrowserObj from './kbn_core_user_profile_browser.devdocs.json'; diff --git a/api_docs/kbn_core_user_profile_browser_internal.mdx b/api_docs/kbn_core_user_profile_browser_internal.mdx index ff826573a9684..a222c881003e8 100644 --- a/api_docs/kbn_core_user_profile_browser_internal.mdx +++ b/api_docs/kbn_core_user_profile_browser_internal.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-user-profile-browser-internal title: "@kbn/core-user-profile-browser-internal" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-user-profile-browser-internal plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-user-profile-browser-internal'] --- import kbnCoreUserProfileBrowserInternalObj from './kbn_core_user_profile_browser_internal.devdocs.json'; diff --git a/api_docs/kbn_core_user_profile_browser_mocks.mdx b/api_docs/kbn_core_user_profile_browser_mocks.mdx index 348819d00a654..05ca54ae3a50f 100644 --- a/api_docs/kbn_core_user_profile_browser_mocks.mdx +++ b/api_docs/kbn_core_user_profile_browser_mocks.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-user-profile-browser-mocks title: "@kbn/core-user-profile-browser-mocks" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-user-profile-browser-mocks plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-user-profile-browser-mocks'] --- import kbnCoreUserProfileBrowserMocksObj from './kbn_core_user_profile_browser_mocks.devdocs.json'; diff --git a/api_docs/kbn_core_user_profile_common.mdx b/api_docs/kbn_core_user_profile_common.mdx index dc800b585b00f..2fe79c73f31ab 100644 --- a/api_docs/kbn_core_user_profile_common.mdx +++ b/api_docs/kbn_core_user_profile_common.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-user-profile-common title: "@kbn/core-user-profile-common" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-user-profile-common plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-user-profile-common'] --- import kbnCoreUserProfileCommonObj from './kbn_core_user_profile_common.devdocs.json'; diff --git a/api_docs/kbn_core_user_profile_server.mdx b/api_docs/kbn_core_user_profile_server.mdx index e374be651f4b5..530ca6ef4db78 100644 --- a/api_docs/kbn_core_user_profile_server.mdx +++ b/api_docs/kbn_core_user_profile_server.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-user-profile-server title: "@kbn/core-user-profile-server" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-user-profile-server plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-user-profile-server'] --- import kbnCoreUserProfileServerObj from './kbn_core_user_profile_server.devdocs.json'; diff --git a/api_docs/kbn_core_user_profile_server_internal.mdx b/api_docs/kbn_core_user_profile_server_internal.mdx index 43b0071abf07c..80a149ad5b1d0 100644 --- a/api_docs/kbn_core_user_profile_server_internal.mdx +++ b/api_docs/kbn_core_user_profile_server_internal.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-user-profile-server-internal title: "@kbn/core-user-profile-server-internal" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-user-profile-server-internal plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-user-profile-server-internal'] --- import kbnCoreUserProfileServerInternalObj from './kbn_core_user_profile_server_internal.devdocs.json'; diff --git a/api_docs/kbn_core_user_profile_server_mocks.mdx b/api_docs/kbn_core_user_profile_server_mocks.mdx index 2764d8ba5fc96..7bda5bd6128be 100644 --- a/api_docs/kbn_core_user_profile_server_mocks.mdx +++ b/api_docs/kbn_core_user_profile_server_mocks.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-user-profile-server-mocks title: "@kbn/core-user-profile-server-mocks" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-user-profile-server-mocks plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-user-profile-server-mocks'] --- import kbnCoreUserProfileServerMocksObj from './kbn_core_user_profile_server_mocks.devdocs.json'; diff --git a/api_docs/kbn_core_user_settings_server.mdx b/api_docs/kbn_core_user_settings_server.mdx index 35c2ee31fa934..e5aa8d61b6358 100644 --- a/api_docs/kbn_core_user_settings_server.mdx +++ b/api_docs/kbn_core_user_settings_server.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-user-settings-server title: "@kbn/core-user-settings-server" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-user-settings-server plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-user-settings-server'] --- import kbnCoreUserSettingsServerObj from './kbn_core_user_settings_server.devdocs.json'; diff --git a/api_docs/kbn_core_user_settings_server_mocks.mdx b/api_docs/kbn_core_user_settings_server_mocks.mdx index a732a9fbedef4..7368d5c511a72 100644 --- a/api_docs/kbn_core_user_settings_server_mocks.mdx +++ b/api_docs/kbn_core_user_settings_server_mocks.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-user-settings-server-mocks title: "@kbn/core-user-settings-server-mocks" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-user-settings-server-mocks plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-user-settings-server-mocks'] --- import kbnCoreUserSettingsServerMocksObj from './kbn_core_user_settings_server_mocks.devdocs.json'; diff --git a/api_docs/kbn_crypto.mdx b/api_docs/kbn_crypto.mdx index ef96ea8134557..c8e0fdca4b427 100644 --- a/api_docs/kbn_crypto.mdx +++ b/api_docs/kbn_crypto.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-crypto title: "@kbn/crypto" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/crypto plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/crypto'] --- import kbnCryptoObj from './kbn_crypto.devdocs.json'; diff --git a/api_docs/kbn_crypto_browser.mdx b/api_docs/kbn_crypto_browser.mdx index 2c14b8dcfabd2..4ad2cd407b4eb 100644 --- a/api_docs/kbn_crypto_browser.mdx +++ b/api_docs/kbn_crypto_browser.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-crypto-browser title: "@kbn/crypto-browser" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/crypto-browser plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/crypto-browser'] --- import kbnCryptoBrowserObj from './kbn_crypto_browser.devdocs.json'; diff --git a/api_docs/kbn_custom_icons.mdx b/api_docs/kbn_custom_icons.mdx index e224835db716b..6fb423169bca1 100644 --- a/api_docs/kbn_custom_icons.mdx +++ b/api_docs/kbn_custom_icons.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-custom-icons title: "@kbn/custom-icons" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/custom-icons plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/custom-icons'] --- import kbnCustomIconsObj from './kbn_custom_icons.devdocs.json'; diff --git a/api_docs/kbn_custom_integrations.mdx b/api_docs/kbn_custom_integrations.mdx index 7e0766f0b7f6d..a2b59efce2016 100644 --- a/api_docs/kbn_custom_integrations.mdx +++ b/api_docs/kbn_custom_integrations.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-custom-integrations title: "@kbn/custom-integrations" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/custom-integrations plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/custom-integrations'] --- import kbnCustomIntegrationsObj from './kbn_custom_integrations.devdocs.json'; diff --git a/api_docs/kbn_cypress_config.mdx b/api_docs/kbn_cypress_config.mdx index 5d73c513b34d8..86f7892f60a2e 100644 --- a/api_docs/kbn_cypress_config.mdx +++ b/api_docs/kbn_cypress_config.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-cypress-config title: "@kbn/cypress-config" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/cypress-config plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/cypress-config'] --- import kbnCypressConfigObj from './kbn_cypress_config.devdocs.json'; diff --git a/api_docs/kbn_data_forge.mdx b/api_docs/kbn_data_forge.mdx index 9fe39337f0d2e..df182db59ddc1 100644 --- a/api_docs/kbn_data_forge.mdx +++ b/api_docs/kbn_data_forge.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-data-forge title: "@kbn/data-forge" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/data-forge plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/data-forge'] --- import kbnDataForgeObj from './kbn_data_forge.devdocs.json'; diff --git a/api_docs/kbn_data_service.mdx b/api_docs/kbn_data_service.mdx index 01cb913d8e2f1..31ff87ecce731 100644 --- a/api_docs/kbn_data_service.mdx +++ b/api_docs/kbn_data_service.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-data-service title: "@kbn/data-service" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/data-service plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/data-service'] --- import kbnDataServiceObj from './kbn_data_service.devdocs.json'; diff --git a/api_docs/kbn_data_stream_adapter.mdx b/api_docs/kbn_data_stream_adapter.mdx index 820f980a44b5f..4c4a7af436d8f 100644 --- a/api_docs/kbn_data_stream_adapter.mdx +++ b/api_docs/kbn_data_stream_adapter.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-data-stream-adapter title: "@kbn/data-stream-adapter" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/data-stream-adapter plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/data-stream-adapter'] --- import kbnDataStreamAdapterObj from './kbn_data_stream_adapter.devdocs.json'; diff --git a/api_docs/kbn_data_view_utils.mdx b/api_docs/kbn_data_view_utils.mdx index cfbe27366c0bb..9294e9dad74e2 100644 --- a/api_docs/kbn_data_view_utils.mdx +++ b/api_docs/kbn_data_view_utils.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-data-view-utils title: "@kbn/data-view-utils" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/data-view-utils plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/data-view-utils'] --- import kbnDataViewUtilsObj from './kbn_data_view_utils.devdocs.json'; diff --git a/api_docs/kbn_datemath.mdx b/api_docs/kbn_datemath.mdx index ac8083f8a15c0..00a0091b4e25a 100644 --- a/api_docs/kbn_datemath.mdx +++ b/api_docs/kbn_datemath.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-datemath title: "@kbn/datemath" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/datemath plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/datemath'] --- import kbnDatemathObj from './kbn_datemath.devdocs.json'; diff --git a/api_docs/kbn_deeplinks_analytics.mdx b/api_docs/kbn_deeplinks_analytics.mdx index 50311c9db5306..1ab560b521fba 100644 --- a/api_docs/kbn_deeplinks_analytics.mdx +++ b/api_docs/kbn_deeplinks_analytics.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-deeplinks-analytics title: "@kbn/deeplinks-analytics" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/deeplinks-analytics plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/deeplinks-analytics'] --- import kbnDeeplinksAnalyticsObj from './kbn_deeplinks_analytics.devdocs.json'; diff --git a/api_docs/kbn_deeplinks_devtools.mdx b/api_docs/kbn_deeplinks_devtools.mdx index 337c676120115..333d5e971fc79 100644 --- a/api_docs/kbn_deeplinks_devtools.mdx +++ b/api_docs/kbn_deeplinks_devtools.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-deeplinks-devtools title: "@kbn/deeplinks-devtools" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/deeplinks-devtools plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/deeplinks-devtools'] --- import kbnDeeplinksDevtoolsObj from './kbn_deeplinks_devtools.devdocs.json'; diff --git a/api_docs/kbn_deeplinks_fleet.mdx b/api_docs/kbn_deeplinks_fleet.mdx index 8b3373aca1ad5..fa860e767f515 100644 --- a/api_docs/kbn_deeplinks_fleet.mdx +++ b/api_docs/kbn_deeplinks_fleet.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-deeplinks-fleet title: "@kbn/deeplinks-fleet" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/deeplinks-fleet plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/deeplinks-fleet'] --- import kbnDeeplinksFleetObj from './kbn_deeplinks_fleet.devdocs.json'; diff --git a/api_docs/kbn_deeplinks_management.mdx b/api_docs/kbn_deeplinks_management.mdx index 3bf7efc8b1594..cfce275d8f5a7 100644 --- a/api_docs/kbn_deeplinks_management.mdx +++ b/api_docs/kbn_deeplinks_management.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-deeplinks-management title: "@kbn/deeplinks-management" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/deeplinks-management plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/deeplinks-management'] --- import kbnDeeplinksManagementObj from './kbn_deeplinks_management.devdocs.json'; diff --git a/api_docs/kbn_deeplinks_ml.mdx b/api_docs/kbn_deeplinks_ml.mdx index bcf0ef4b1c7f2..28d7b85129a78 100644 --- a/api_docs/kbn_deeplinks_ml.mdx +++ b/api_docs/kbn_deeplinks_ml.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-deeplinks-ml title: "@kbn/deeplinks-ml" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/deeplinks-ml plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/deeplinks-ml'] --- import kbnDeeplinksMlObj from './kbn_deeplinks_ml.devdocs.json'; diff --git a/api_docs/kbn_deeplinks_observability.mdx b/api_docs/kbn_deeplinks_observability.mdx index fd80b8d4ce088..44764c9eebdba 100644 --- a/api_docs/kbn_deeplinks_observability.mdx +++ b/api_docs/kbn_deeplinks_observability.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-deeplinks-observability title: "@kbn/deeplinks-observability" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/deeplinks-observability plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/deeplinks-observability'] --- import kbnDeeplinksObservabilityObj from './kbn_deeplinks_observability.devdocs.json'; diff --git a/api_docs/kbn_deeplinks_search.mdx b/api_docs/kbn_deeplinks_search.mdx index 41d8058035c8b..0c7586b782191 100644 --- a/api_docs/kbn_deeplinks_search.mdx +++ b/api_docs/kbn_deeplinks_search.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-deeplinks-search title: "@kbn/deeplinks-search" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/deeplinks-search plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/deeplinks-search'] --- import kbnDeeplinksSearchObj from './kbn_deeplinks_search.devdocs.json'; diff --git a/api_docs/kbn_deeplinks_security.mdx b/api_docs/kbn_deeplinks_security.mdx index 359cfe71e10f1..6685fc795dd59 100644 --- a/api_docs/kbn_deeplinks_security.mdx +++ b/api_docs/kbn_deeplinks_security.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-deeplinks-security title: "@kbn/deeplinks-security" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/deeplinks-security plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/deeplinks-security'] --- import kbnDeeplinksSecurityObj from './kbn_deeplinks_security.devdocs.json'; diff --git a/api_docs/kbn_deeplinks_shared.mdx b/api_docs/kbn_deeplinks_shared.mdx index 7e8ef2ed9adc4..d49678efcf267 100644 --- a/api_docs/kbn_deeplinks_shared.mdx +++ b/api_docs/kbn_deeplinks_shared.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-deeplinks-shared title: "@kbn/deeplinks-shared" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/deeplinks-shared plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/deeplinks-shared'] --- import kbnDeeplinksSharedObj from './kbn_deeplinks_shared.devdocs.json'; diff --git a/api_docs/kbn_default_nav_analytics.mdx b/api_docs/kbn_default_nav_analytics.mdx index ab5f28a816b76..c474e0d80dd97 100644 --- a/api_docs/kbn_default_nav_analytics.mdx +++ b/api_docs/kbn_default_nav_analytics.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-default-nav-analytics title: "@kbn/default-nav-analytics" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/default-nav-analytics plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/default-nav-analytics'] --- import kbnDefaultNavAnalyticsObj from './kbn_default_nav_analytics.devdocs.json'; diff --git a/api_docs/kbn_default_nav_devtools.mdx b/api_docs/kbn_default_nav_devtools.mdx index ad47e1d6bcf58..ceb026c1ace28 100644 --- a/api_docs/kbn_default_nav_devtools.mdx +++ b/api_docs/kbn_default_nav_devtools.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-default-nav-devtools title: "@kbn/default-nav-devtools" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/default-nav-devtools plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/default-nav-devtools'] --- import kbnDefaultNavDevtoolsObj from './kbn_default_nav_devtools.devdocs.json'; diff --git a/api_docs/kbn_default_nav_management.mdx b/api_docs/kbn_default_nav_management.mdx index 2a8ea904d3602..cf9dcfc6ad8bf 100644 --- a/api_docs/kbn_default_nav_management.mdx +++ b/api_docs/kbn_default_nav_management.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-default-nav-management title: "@kbn/default-nav-management" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/default-nav-management plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/default-nav-management'] --- import kbnDefaultNavManagementObj from './kbn_default_nav_management.devdocs.json'; diff --git a/api_docs/kbn_default_nav_ml.mdx b/api_docs/kbn_default_nav_ml.mdx index 31165b24f57cf..ad251be44742b 100644 --- a/api_docs/kbn_default_nav_ml.mdx +++ b/api_docs/kbn_default_nav_ml.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-default-nav-ml title: "@kbn/default-nav-ml" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/default-nav-ml plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/default-nav-ml'] --- import kbnDefaultNavMlObj from './kbn_default_nav_ml.devdocs.json'; diff --git a/api_docs/kbn_dev_cli_errors.mdx b/api_docs/kbn_dev_cli_errors.mdx index fbcc7bb468bb5..fed28786cb4c3 100644 --- a/api_docs/kbn_dev_cli_errors.mdx +++ b/api_docs/kbn_dev_cli_errors.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-dev-cli-errors title: "@kbn/dev-cli-errors" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/dev-cli-errors plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/dev-cli-errors'] --- import kbnDevCliErrorsObj from './kbn_dev_cli_errors.devdocs.json'; diff --git a/api_docs/kbn_dev_cli_runner.mdx b/api_docs/kbn_dev_cli_runner.mdx index 7edfd59066feb..40e82da067937 100644 --- a/api_docs/kbn_dev_cli_runner.mdx +++ b/api_docs/kbn_dev_cli_runner.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-dev-cli-runner title: "@kbn/dev-cli-runner" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/dev-cli-runner plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/dev-cli-runner'] --- import kbnDevCliRunnerObj from './kbn_dev_cli_runner.devdocs.json'; diff --git a/api_docs/kbn_dev_proc_runner.mdx b/api_docs/kbn_dev_proc_runner.mdx index 6cf6c88cad2bb..33d242ac18540 100644 --- a/api_docs/kbn_dev_proc_runner.mdx +++ b/api_docs/kbn_dev_proc_runner.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-dev-proc-runner title: "@kbn/dev-proc-runner" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/dev-proc-runner plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/dev-proc-runner'] --- import kbnDevProcRunnerObj from './kbn_dev_proc_runner.devdocs.json'; diff --git a/api_docs/kbn_dev_utils.mdx b/api_docs/kbn_dev_utils.mdx index 649e987b58713..0012a1a8b17be 100644 --- a/api_docs/kbn_dev_utils.mdx +++ b/api_docs/kbn_dev_utils.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-dev-utils title: "@kbn/dev-utils" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/dev-utils plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/dev-utils'] --- import kbnDevUtilsObj from './kbn_dev_utils.devdocs.json'; diff --git a/api_docs/kbn_discover_utils.mdx b/api_docs/kbn_discover_utils.mdx index 9f1346266fb64..a61fae2d2cee9 100644 --- a/api_docs/kbn_discover_utils.mdx +++ b/api_docs/kbn_discover_utils.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-discover-utils title: "@kbn/discover-utils" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/discover-utils plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/discover-utils'] --- import kbnDiscoverUtilsObj from './kbn_discover_utils.devdocs.json'; diff --git a/api_docs/kbn_doc_links.devdocs.json b/api_docs/kbn_doc_links.devdocs.json index 0cce251902dcb..7dfb05bacf442 100644 --- a/api_docs/kbn_doc_links.devdocs.json +++ b/api_docs/kbn_doc_links.devdocs.json @@ -851,7 +851,7 @@ "label": "fleet", "description": [], "signature": [ - "{ readonly beatsAgentComparison: string; readonly guide: string; readonly fleetServer: string; readonly fleetServerAddFleetServer: string; readonly esSettings: string; readonly settings: string; readonly logstashSettings: string; readonly kafkaSettings: string; readonly settingsFleetServerHostSettings: string; readonly settingsFleetServerProxySettings: string; readonly troubleshooting: string; readonly elasticAgent: string; readonly datastreams: string; readonly datastreamsILM: string; readonly datastreamsNamingScheme: string; readonly datastreamsManualRollover: string; readonly datastreamsTSDS: string; readonly datastreamsTSDSMetrics: string; readonly datastreamsDownsampling: string; readonly installElasticAgent: string; readonly installElasticAgentStandalone: string; readonly grantESAccessToStandaloneAgents: string; readonly packageSignatures: string; readonly upgradeElasticAgent: string; readonly learnMoreBlog: string; readonly apiKeysLearnMore: string; readonly onPremRegistry: string; readonly secureLogstash: string; readonly agentPolicy: string; readonly api: string; readonly uninstallAgent: string; readonly installAndUninstallIntegrationAssets: string; readonly elasticAgentInputConfiguration: string; readonly policySecrets: string; readonly remoteESOoutput: string; readonly performancePresets: string; readonly scalingKubernetesResourcesAndLimits: string; readonly roleAndPrivileges: string; readonly proxiesSettings: string; readonly unprivilegedMode: string; }" + "{ readonly beatsAgentComparison: string; readonly guide: string; readonly fleetServer: string; readonly fleetServerAddFleetServer: string; readonly esSettings: string; readonly settings: string; readonly logstashSettings: string; readonly kafkaSettings: string; readonly settingsFleetServerHostSettings: string; readonly settingsFleetServerProxySettings: string; readonly troubleshooting: string; readonly elasticAgent: string; readonly datastreams: string; readonly datastreamsILM: string; readonly datastreamsNamingScheme: string; readonly datastreamsManualRollover: string; readonly datastreamsTSDS: string; readonly datastreamsTSDSMetrics: string; readonly datastreamsDownsampling: string; readonly installElasticAgent: string; readonly installElasticAgentStandalone: string; readonly grantESAccessToStandaloneAgents: string; readonly packageSignatures: string; readonly upgradeElasticAgent: string; readonly learnMoreBlog: string; readonly apiKeysLearnMore: string; readonly onPremRegistry: string; readonly secureLogstash: string; readonly agentPolicy: string; readonly api: string; readonly uninstallAgent: string; readonly installAndUninstallIntegrationAssets: string; readonly elasticAgentInputConfiguration: string; readonly policySecrets: string; readonly remoteESOoutput: string; readonly performancePresets: string; readonly scalingKubernetesResourcesAndLimits: string; readonly roleAndPrivileges: string; readonly proxiesSettings: string; readonly unprivilegedMode: string; readonly httpMonitoring: string; }" ], "path": "packages/kbn-doc-links/src/types.ts", "deprecated": false, diff --git a/api_docs/kbn_doc_links.mdx b/api_docs/kbn_doc_links.mdx index d8243d8286aba..1539bb867dcbc 100644 --- a/api_docs/kbn_doc_links.mdx +++ b/api_docs/kbn_doc_links.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-doc-links title: "@kbn/doc-links" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/doc-links plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/doc-links'] --- import kbnDocLinksObj from './kbn_doc_links.devdocs.json'; diff --git a/api_docs/kbn_docs_utils.mdx b/api_docs/kbn_docs_utils.mdx index 3e62d92cd92bc..6b10346fa89d4 100644 --- a/api_docs/kbn_docs_utils.mdx +++ b/api_docs/kbn_docs_utils.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-docs-utils title: "@kbn/docs-utils" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/docs-utils plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/docs-utils'] --- import kbnDocsUtilsObj from './kbn_docs_utils.devdocs.json'; diff --git a/api_docs/kbn_dom_drag_drop.mdx b/api_docs/kbn_dom_drag_drop.mdx index 2345eefb548d3..2af9237f2b094 100644 --- a/api_docs/kbn_dom_drag_drop.mdx +++ b/api_docs/kbn_dom_drag_drop.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-dom-drag-drop title: "@kbn/dom-drag-drop" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/dom-drag-drop plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/dom-drag-drop'] --- import kbnDomDragDropObj from './kbn_dom_drag_drop.devdocs.json'; diff --git a/api_docs/kbn_ebt_tools.mdx b/api_docs/kbn_ebt_tools.mdx index dbbaad44b5e51..6c40665c51af3 100644 --- a/api_docs/kbn_ebt_tools.mdx +++ b/api_docs/kbn_ebt_tools.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-ebt-tools title: "@kbn/ebt-tools" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/ebt-tools plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/ebt-tools'] --- import kbnEbtToolsObj from './kbn_ebt_tools.devdocs.json'; diff --git a/api_docs/kbn_ecs_data_quality_dashboard.mdx b/api_docs/kbn_ecs_data_quality_dashboard.mdx index 9da40daa5c0bb..3e1e59b44d7da 100644 --- a/api_docs/kbn_ecs_data_quality_dashboard.mdx +++ b/api_docs/kbn_ecs_data_quality_dashboard.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-ecs-data-quality-dashboard title: "@kbn/ecs-data-quality-dashboard" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/ecs-data-quality-dashboard plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/ecs-data-quality-dashboard'] --- import kbnEcsDataQualityDashboardObj from './kbn_ecs_data_quality_dashboard.devdocs.json'; diff --git a/api_docs/kbn_elastic_agent_utils.devdocs.json b/api_docs/kbn_elastic_agent_utils.devdocs.json index 90c71816321f2..23de678c645bc 100644 --- a/api_docs/kbn_elastic_agent_utils.devdocs.json +++ b/api_docs/kbn_elastic_agent_utils.devdocs.json @@ -19,6 +19,54 @@ "common": { "classes": [], "functions": [ + { + "parentPluginId": "@kbn/elastic-agent-utils", + "id": "def-common.hasOpenTelemetryPrefix", + "type": "Function", + "tags": [], + "label": "hasOpenTelemetryPrefix", + "description": [], + "signature": [ + "(agentName: string | undefined, language: string) => boolean" + ], + "path": "packages/kbn-elastic-agent-utils/src/agent_guards.ts", + "deprecated": false, + "trackAdoption": false, + "children": [ + { + "parentPluginId": "@kbn/elastic-agent-utils", + "id": "def-common.hasOpenTelemetryPrefix.$1", + "type": "string", + "tags": [], + "label": "agentName", + "description": [], + "signature": [ + "string | undefined" + ], + "path": "packages/kbn-elastic-agent-utils/src/agent_guards.ts", + "deprecated": false, + "trackAdoption": false, + "isRequired": false + }, + { + "parentPluginId": "@kbn/elastic-agent-utils", + "id": "def-common.hasOpenTelemetryPrefix.$2", + "type": "string", + "tags": [], + "label": "language", + "description": [], + "signature": [ + "string" + ], + "path": "packages/kbn-elastic-agent-utils/src/agent_guards.ts", + "deprecated": false, + "trackAdoption": false, + "isRequired": true + } + ], + "returnComment": [], + "initialIsOpen": false + }, { "parentPluginId": "@kbn/elastic-agent-utils", "id": "def-common.isAndroidAgentName", @@ -431,7 +479,7 @@ "label": "AgentName", "description": [], "signature": [ - "\"java\" | \"dotnet\" | \"go\" | \"iOS/swift\" | \"js-base\" | \"nodejs\" | \"php\" | \"python\" | \"ruby\" | \"rum-js\" | \"android/java\" | \"otlp\" | \"opentelemetry/cpp\" | \"opentelemetry/dotnet\" | \"opentelemetry/erlang\" | \"opentelemetry/go\" | \"opentelemetry/java\" | \"opentelemetry/nodejs\" | \"opentelemetry/php\" | \"opentelemetry/python\" | \"opentelemetry/ruby\" | \"opentelemetry/rust\" | \"opentelemetry/swift\" | \"opentelemetry/android\" | \"opentelemetry/webjs\"" + "\"java\" | \"opentelemetry\" | \"dotnet\" | \"go\" | \"iOS/swift\" | \"js-base\" | \"nodejs\" | \"php\" | \"python\" | \"ruby\" | \"rum-js\" | \"android/java\" | \"otlp\" | \"opentelemetry/cpp\" | \"opentelemetry/dotnet\" | \"opentelemetry/erlang\" | \"opentelemetry/go\" | \"opentelemetry/java\" | \"opentelemetry/nodejs\" | \"opentelemetry/php\" | \"opentelemetry/python\" | \"opentelemetry/ruby\" | \"opentelemetry/rust\" | \"opentelemetry/swift\" | \"opentelemetry/android\" | \"opentelemetry/webjs\" | \"otlp/cpp\" | \"otlp/dotnet\" | \"otlp/erlang\" | \"otlp/go\" | \"otlp/java\" | \"otlp/nodejs\" | \"otlp/php\" | \"otlp/python\" | \"otlp/ruby\" | \"otlp/rust\" | \"otlp/swift\" | \"otlp/android\" | \"otlp/webjs\" | \"ios/swift\"" ], "path": "packages/kbn-elastic-agent-utils/src/agent_names.ts", "deprecated": false, @@ -507,7 +555,7 @@ "label": "JavaAgentName", "description": [], "signature": [ - "\"java\" | \"opentelemetry/java\"" + "\"java\" | \"opentelemetry/java\" | \"otlp/java\"" ], "path": "packages/kbn-elastic-agent-utils/src/agent_names.ts", "deprecated": false, @@ -544,7 +592,7 @@ "label": "OpenTelemetryAgentName", "description": [], "signature": [ - "\"otlp\" | \"opentelemetry/cpp\" | \"opentelemetry/dotnet\" | \"opentelemetry/erlang\" | \"opentelemetry/go\" | \"opentelemetry/java\" | \"opentelemetry/nodejs\" | \"opentelemetry/php\" | \"opentelemetry/python\" | \"opentelemetry/ruby\" | \"opentelemetry/rust\" | \"opentelemetry/swift\" | \"opentelemetry/android\" | \"opentelemetry/webjs\"" + "\"opentelemetry\" | \"otlp\" | \"opentelemetry/cpp\" | \"opentelemetry/dotnet\" | \"opentelemetry/erlang\" | \"opentelemetry/go\" | \"opentelemetry/java\" | \"opentelemetry/nodejs\" | \"opentelemetry/php\" | \"opentelemetry/python\" | \"opentelemetry/ruby\" | \"opentelemetry/rust\" | \"opentelemetry/swift\" | \"opentelemetry/android\" | \"opentelemetry/webjs\" | \"otlp/cpp\" | \"otlp/dotnet\" | \"otlp/erlang\" | \"otlp/go\" | \"otlp/java\" | \"otlp/nodejs\" | \"otlp/php\" | \"otlp/python\" | \"otlp/ruby\" | \"otlp/rust\" | \"otlp/swift\" | \"otlp/android\" | \"otlp/webjs\"" ], "path": "packages/kbn-elastic-agent-utils/src/agent_names.ts", "deprecated": false, @@ -581,7 +629,7 @@ "label": "RumAgentName", "description": [], "signature": [ - "\"js-base\" | \"rum-js\" | \"opentelemetry/webjs\"" + "\"js-base\" | \"rum-js\" | \"opentelemetry/webjs\" | \"otlp/webjs\"" ], "path": "packages/kbn-elastic-agent-utils/src/agent_names.ts", "deprecated": false, diff --git a/api_docs/kbn_elastic_agent_utils.mdx b/api_docs/kbn_elastic_agent_utils.mdx index 3ac851678ad60..08ec1d8c5b895 100644 --- a/api_docs/kbn_elastic_agent_utils.mdx +++ b/api_docs/kbn_elastic_agent_utils.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-elastic-agent-utils title: "@kbn/elastic-agent-utils" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/elastic-agent-utils plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/elastic-agent-utils'] --- import kbnElasticAgentUtilsObj from './kbn_elastic_agent_utils.devdocs.json'; @@ -21,7 +21,7 @@ Contact [@elastic/obs-ux-logs-team](https://github.com/orgs/elastic/teams/obs-ux | Public API count | Any count | Items lacking comments | Missing exports | |-------------------|-----------|------------------------|-----------------| -| 35 | 0 | 34 | 0 | +| 38 | 0 | 37 | 0 | ## Common diff --git a/api_docs/kbn_elastic_assistant.mdx b/api_docs/kbn_elastic_assistant.mdx index 4e31c4b484b2d..b11f52d280ac1 100644 --- a/api_docs/kbn_elastic_assistant.mdx +++ b/api_docs/kbn_elastic_assistant.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-elastic-assistant title: "@kbn/elastic-assistant" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/elastic-assistant plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/elastic-assistant'] --- import kbnElasticAssistantObj from './kbn_elastic_assistant.devdocs.json'; diff --git a/api_docs/kbn_elastic_assistant_common.mdx b/api_docs/kbn_elastic_assistant_common.mdx index 874acc40f8edd..b94b9f5f33d98 100644 --- a/api_docs/kbn_elastic_assistant_common.mdx +++ b/api_docs/kbn_elastic_assistant_common.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-elastic-assistant-common title: "@kbn/elastic-assistant-common" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/elastic-assistant-common plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/elastic-assistant-common'] --- import kbnElasticAssistantCommonObj from './kbn_elastic_assistant_common.devdocs.json'; diff --git a/api_docs/kbn_entities_schema.mdx b/api_docs/kbn_entities_schema.mdx index 57b45c4fb933c..8d719f787b7e1 100644 --- a/api_docs/kbn_entities_schema.mdx +++ b/api_docs/kbn_entities_schema.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-entities-schema title: "@kbn/entities-schema" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/entities-schema plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/entities-schema'] --- import kbnEntitiesSchemaObj from './kbn_entities_schema.devdocs.json'; diff --git a/api_docs/kbn_es.devdocs.json b/api_docs/kbn_es.devdocs.json index 96bcb65c45764..d0ca58d30e501 100644 --- a/api_docs/kbn_es.devdocs.json +++ b/api_docs/kbn_es.devdocs.json @@ -711,7 +711,7 @@ "label": "readRolesDescriptorsFromResource", "description": [], "signature": [ - "(resourcePath: string) => any" + "(resourcePath: string) => object" ], "path": "packages/kbn-es/src/utils/read_roles_from_resource.ts", "deprecated": false, diff --git a/api_docs/kbn_es.mdx b/api_docs/kbn_es.mdx index 70789ac234832..ffd46ffe37600 100644 --- a/api_docs/kbn_es.mdx +++ b/api_docs/kbn_es.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-es title: "@kbn/es" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/es plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/es'] --- import kbnEsObj from './kbn_es.devdocs.json'; diff --git a/api_docs/kbn_es_archiver.mdx b/api_docs/kbn_es_archiver.mdx index 5696356c6033b..23a296f918f8f 100644 --- a/api_docs/kbn_es_archiver.mdx +++ b/api_docs/kbn_es_archiver.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-es-archiver title: "@kbn/es-archiver" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/es-archiver plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/es-archiver'] --- import kbnEsArchiverObj from './kbn_es_archiver.devdocs.json'; diff --git a/api_docs/kbn_es_errors.mdx b/api_docs/kbn_es_errors.mdx index a5d3e4508c5a1..3c6a0011f72cb 100644 --- a/api_docs/kbn_es_errors.mdx +++ b/api_docs/kbn_es_errors.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-es-errors title: "@kbn/es-errors" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/es-errors plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/es-errors'] --- import kbnEsErrorsObj from './kbn_es_errors.devdocs.json'; diff --git a/api_docs/kbn_es_query.mdx b/api_docs/kbn_es_query.mdx index 8a195619692c9..d4cb67acee503 100644 --- a/api_docs/kbn_es_query.mdx +++ b/api_docs/kbn_es_query.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-es-query title: "@kbn/es-query" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/es-query plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/es-query'] --- import kbnEsQueryObj from './kbn_es_query.devdocs.json'; diff --git a/api_docs/kbn_es_types.mdx b/api_docs/kbn_es_types.mdx index df6ccae0c8fc1..96e0807e16bd1 100644 --- a/api_docs/kbn_es_types.mdx +++ b/api_docs/kbn_es_types.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-es-types title: "@kbn/es-types" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/es-types plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/es-types'] --- import kbnEsTypesObj from './kbn_es_types.devdocs.json'; diff --git a/api_docs/kbn_eslint_plugin_imports.mdx b/api_docs/kbn_eslint_plugin_imports.mdx index 2a1820d7c7ede..69242ac642d6d 100644 --- a/api_docs/kbn_eslint_plugin_imports.mdx +++ b/api_docs/kbn_eslint_plugin_imports.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-eslint-plugin-imports title: "@kbn/eslint-plugin-imports" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/eslint-plugin-imports plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/eslint-plugin-imports'] --- import kbnEslintPluginImportsObj from './kbn_eslint_plugin_imports.devdocs.json'; diff --git a/api_docs/kbn_esql_ast.mdx b/api_docs/kbn_esql_ast.mdx index f70e3a5792f5a..9f7edd14d028b 100644 --- a/api_docs/kbn_esql_ast.mdx +++ b/api_docs/kbn_esql_ast.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-esql-ast title: "@kbn/esql-ast" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/esql-ast plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/esql-ast'] --- import kbnEsqlAstObj from './kbn_esql_ast.devdocs.json'; diff --git a/api_docs/kbn_esql_utils.mdx b/api_docs/kbn_esql_utils.mdx index 6ce298f16de46..df8162b9811ac 100644 --- a/api_docs/kbn_esql_utils.mdx +++ b/api_docs/kbn_esql_utils.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-esql-utils title: "@kbn/esql-utils" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/esql-utils plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/esql-utils'] --- import kbnEsqlUtilsObj from './kbn_esql_utils.devdocs.json'; diff --git a/api_docs/kbn_esql_validation_autocomplete.mdx b/api_docs/kbn_esql_validation_autocomplete.mdx index bdbe2d6d0de92..a2531506312ab 100644 --- a/api_docs/kbn_esql_validation_autocomplete.mdx +++ b/api_docs/kbn_esql_validation_autocomplete.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-esql-validation-autocomplete title: "@kbn/esql-validation-autocomplete" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/esql-validation-autocomplete plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/esql-validation-autocomplete'] --- import kbnEsqlValidationAutocompleteObj from './kbn_esql_validation_autocomplete.devdocs.json'; diff --git a/api_docs/kbn_event_annotation_common.mdx b/api_docs/kbn_event_annotation_common.mdx index 30065fd74aee8..9bdc5db15b39e 100644 --- a/api_docs/kbn_event_annotation_common.mdx +++ b/api_docs/kbn_event_annotation_common.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-event-annotation-common title: "@kbn/event-annotation-common" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/event-annotation-common plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/event-annotation-common'] --- import kbnEventAnnotationCommonObj from './kbn_event_annotation_common.devdocs.json'; diff --git a/api_docs/kbn_event_annotation_components.mdx b/api_docs/kbn_event_annotation_components.mdx index 62e7de9b1962a..07896aff3c309 100644 --- a/api_docs/kbn_event_annotation_components.mdx +++ b/api_docs/kbn_event_annotation_components.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-event-annotation-components title: "@kbn/event-annotation-components" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/event-annotation-components plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/event-annotation-components'] --- import kbnEventAnnotationComponentsObj from './kbn_event_annotation_components.devdocs.json'; diff --git a/api_docs/kbn_expandable_flyout.mdx b/api_docs/kbn_expandable_flyout.mdx index a7c614cede2b8..10d0e62ac4d7c 100644 --- a/api_docs/kbn_expandable_flyout.mdx +++ b/api_docs/kbn_expandable_flyout.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-expandable-flyout title: "@kbn/expandable-flyout" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/expandable-flyout plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/expandable-flyout'] --- import kbnExpandableFlyoutObj from './kbn_expandable_flyout.devdocs.json'; diff --git a/api_docs/kbn_field_types.mdx b/api_docs/kbn_field_types.mdx index 1b52ed4b9a7fb..2921dad0145fe 100644 --- a/api_docs/kbn_field_types.mdx +++ b/api_docs/kbn_field_types.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-field-types title: "@kbn/field-types" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/field-types plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/field-types'] --- import kbnFieldTypesObj from './kbn_field_types.devdocs.json'; diff --git a/api_docs/kbn_field_utils.mdx b/api_docs/kbn_field_utils.mdx index dbe7d3299fcf5..31cc07ce9e31e 100644 --- a/api_docs/kbn_field_utils.mdx +++ b/api_docs/kbn_field_utils.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-field-utils title: "@kbn/field-utils" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/field-utils plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/field-utils'] --- import kbnFieldUtilsObj from './kbn_field_utils.devdocs.json'; diff --git a/api_docs/kbn_find_used_node_modules.mdx b/api_docs/kbn_find_used_node_modules.mdx index a86a471289d1d..7b3935680f5ea 100644 --- a/api_docs/kbn_find_used_node_modules.mdx +++ b/api_docs/kbn_find_used_node_modules.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-find-used-node-modules title: "@kbn/find-used-node-modules" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/find-used-node-modules plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/find-used-node-modules'] --- import kbnFindUsedNodeModulesObj from './kbn_find_used_node_modules.devdocs.json'; diff --git a/api_docs/kbn_formatters.mdx b/api_docs/kbn_formatters.mdx index 916f196fb1f42..99f6b7a4bf6ae 100644 --- a/api_docs/kbn_formatters.mdx +++ b/api_docs/kbn_formatters.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-formatters title: "@kbn/formatters" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/formatters plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/formatters'] --- import kbnFormattersObj from './kbn_formatters.devdocs.json'; diff --git a/api_docs/kbn_ftr_common_functional_services.devdocs.json b/api_docs/kbn_ftr_common_functional_services.devdocs.json index b24cbd1852db8..fcc33a262b892 100644 --- a/api_docs/kbn_ftr_common_functional_services.devdocs.json +++ b/api_docs/kbn_ftr_common_functional_services.devdocs.json @@ -1206,10 +1206,10 @@ "interfaces": [ { "parentPluginId": "@kbn/ftr-common-functional-services", - "id": "def-common.RoleCredentials", + "id": "def-common.CookieCredentials", "type": "Interface", "tags": [], - "label": "RoleCredentials", + "label": "CookieCredentials", "description": [], "path": "packages/kbn-ftr-common-functional-services/services/saml_auth/saml_auth_provider.ts", "deprecated": false, @@ -1217,27 +1217,52 @@ "children": [ { "parentPluginId": "@kbn/ftr-common-functional-services", - "id": "def-common.RoleCredentials.apiKey", - "type": "Object", + "id": "def-common.CookieCredentials.Cookie", + "type": "string", "tags": [], - "label": "apiKey", + "label": "Cookie", + "description": [], + "path": "packages/kbn-ftr-common-functional-services/services/saml_auth/saml_auth_provider.ts", + "deprecated": false, + "trackAdoption": false + }, + { + "parentPluginId": "@kbn/ftr-common-functional-services", + "id": "def-common.CookieCredentials.Unnamed", + "type": "IndexSignature", + "tags": [], + "label": "[header: string]: string", "description": [], "signature": [ - "{ id: string; name: string; }" + "[header: string]: string" ], "path": "packages/kbn-ftr-common-functional-services/services/saml_auth/saml_auth_provider.ts", "deprecated": false, "trackAdoption": false - }, + } + ], + "initialIsOpen": false + }, + { + "parentPluginId": "@kbn/ftr-common-functional-services", + "id": "def-common.RoleCredentials", + "type": "Interface", + "tags": [], + "label": "RoleCredentials", + "description": [], + "path": "packages/kbn-ftr-common-functional-services/services/saml_auth/saml_auth_provider.ts", + "deprecated": false, + "trackAdoption": false, + "children": [ { "parentPluginId": "@kbn/ftr-common-functional-services", - "id": "def-common.RoleCredentials.apiKeyHeader", + "id": "def-common.RoleCredentials.apiKey", "type": "Object", "tags": [], - "label": "apiKeyHeader", + "label": "apiKey", "description": [], "signature": [ - "{ Authorization: string; }" + "{ id: string; name: string; }" ], "path": "packages/kbn-ftr-common-functional-services/services/saml_auth/saml_auth_provider.ts", "deprecated": false, @@ -1245,13 +1270,13 @@ }, { "parentPluginId": "@kbn/ftr-common-functional-services", - "id": "def-common.RoleCredentials.cookieHeader", + "id": "def-common.RoleCredentials.apiKeyHeader", "type": "Object", "tags": [], - "label": "cookieHeader", + "label": "apiKeyHeader", "description": [], "signature": [ - "{ Cookie: string; }" + "{ Authorization: string; }" ], "path": "packages/kbn-ftr-common-functional-services/services/saml_auth/saml_auth_provider.ts", "deprecated": false, @@ -1541,7 +1566,15 @@ "section": "def-common.FtrProviderContext", "text": "FtrProviderContext" }, - ") => { getInteractiveUserSessionCookieWithRoleScope(role: string): Promise; getM2MApiCredentialsWithRoleScope(role: string): Promise<{ Cookie: string; }>; getEmail(role: string): Promise; getUserData(role: string): Promise<", + ") => { getInteractiveUserSessionCookieWithRoleScope(role: string): Promise; getM2MApiCookieCredentialsWithRoleScope(role: string): Promise<", + { + "pluginId": "@kbn/ftr-common-functional-services", + "scope": "common", + "docId": "kibKbnFtrCommonFunctionalServicesPluginApi", + "section": "def-common.CookieCredentials", + "text": "CookieCredentials" + }, + ">; getEmail(role: string): Promise; getUserData(role: string): Promise<", "UserProfile", ">; createM2mApiKeyWithDefaultRoleScope(): Promise<", { @@ -1721,7 +1754,15 @@ "section": "def-common.FtrProviderContext", "text": "FtrProviderContext" }, - ") => { getInteractiveUserSessionCookieWithRoleScope(role: string): Promise; getM2MApiCredentialsWithRoleScope(role: string): Promise<{ Cookie: string; }>; getEmail(role: string): Promise; getUserData(role: string): Promise<", + ") => { getInteractiveUserSessionCookieWithRoleScope(role: string): Promise; getM2MApiCookieCredentialsWithRoleScope(role: string): Promise<", + { + "pluginId": "@kbn/ftr-common-functional-services", + "scope": "common", + "docId": "kibKbnFtrCommonFunctionalServicesPluginApi", + "section": "def-common.CookieCredentials", + "text": "CookieCredentials" + }, + ">; getEmail(role: string): Promise; getUserData(role: string): Promise<", "UserProfile", ">; createM2mApiKeyWithDefaultRoleScope(): Promise<", { @@ -1838,7 +1879,15 @@ "label": "SamlAuthProviderType", "description": [], "signature": [ - "{ getInteractiveUserSessionCookieWithRoleScope(role: string): Promise; getM2MApiCredentialsWithRoleScope(role: string): Promise<{ Cookie: string; }>; getEmail(role: string): Promise; getUserData(role: string): Promise<", + "{ getInteractiveUserSessionCookieWithRoleScope(role: string): Promise; getM2MApiCookieCredentialsWithRoleScope(role: string): Promise<", + { + "pluginId": "@kbn/ftr-common-functional-services", + "scope": "common", + "docId": "kibKbnFtrCommonFunctionalServicesPluginApi", + "section": "def-common.CookieCredentials", + "text": "CookieCredentials" + }, + ">; getEmail(role: string): Promise; getUserData(role: string): Promise<", "UserProfile", ">; createM2mApiKeyWithDefaultRoleScope(): Promise<", { @@ -2063,7 +2112,15 @@ "section": "def-common.FtrProviderContext", "text": "FtrProviderContext" }, - ") => { getInteractiveUserSessionCookieWithRoleScope(role: string): Promise; getM2MApiCredentialsWithRoleScope(role: string): Promise<{ Cookie: string; }>; getEmail(role: string): Promise; getUserData(role: string): Promise<", + ") => { getInteractiveUserSessionCookieWithRoleScope(role: string): Promise; getM2MApiCookieCredentialsWithRoleScope(role: string): Promise<", + { + "pluginId": "@kbn/ftr-common-functional-services", + "scope": "common", + "docId": "kibKbnFtrCommonFunctionalServicesPluginApi", + "section": "def-common.CookieCredentials", + "text": "CookieCredentials" + }, + ">; getEmail(role: string): Promise; getUserData(role: string): Promise<", "UserProfile", ">; createM2mApiKeyWithDefaultRoleScope(): Promise<", { @@ -2243,7 +2300,15 @@ "section": "def-common.FtrProviderContext", "text": "FtrProviderContext" }, - ") => { getInteractiveUserSessionCookieWithRoleScope(role: string): Promise; getM2MApiCredentialsWithRoleScope(role: string): Promise<{ Cookie: string; }>; getEmail(role: string): Promise; getUserData(role: string): Promise<", + ") => { getInteractiveUserSessionCookieWithRoleScope(role: string): Promise; getM2MApiCookieCredentialsWithRoleScope(role: string): Promise<", + { + "pluginId": "@kbn/ftr-common-functional-services", + "scope": "common", + "docId": "kibKbnFtrCommonFunctionalServicesPluginApi", + "section": "def-common.CookieCredentials", + "text": "CookieCredentials" + }, + ">; getEmail(role: string): Promise; getUserData(role: string): Promise<", "UserProfile", ">; createM2mApiKeyWithDefaultRoleScope(): Promise<", { @@ -2476,7 +2541,15 @@ "section": "def-common.FtrProviderContext", "text": "FtrProviderContext" }, - ") => { getInteractiveUserSessionCookieWithRoleScope(role: string): Promise; getM2MApiCredentialsWithRoleScope(role: string): Promise<{ Cookie: string; }>; getEmail(role: string): Promise; getUserData(role: string): Promise<", + ") => { getInteractiveUserSessionCookieWithRoleScope(role: string): Promise; getM2MApiCookieCredentialsWithRoleScope(role: string): Promise<", + { + "pluginId": "@kbn/ftr-common-functional-services", + "scope": "common", + "docId": "kibKbnFtrCommonFunctionalServicesPluginApi", + "section": "def-common.CookieCredentials", + "text": "CookieCredentials" + }, + ">; getEmail(role: string): Promise; getUserData(role: string): Promise<", "UserProfile", ">; createM2mApiKeyWithDefaultRoleScope(): Promise<", { @@ -2656,7 +2729,15 @@ "section": "def-common.FtrProviderContext", "text": "FtrProviderContext" }, - ") => { getInteractiveUserSessionCookieWithRoleScope(role: string): Promise; getM2MApiCredentialsWithRoleScope(role: string): Promise<{ Cookie: string; }>; getEmail(role: string): Promise; getUserData(role: string): Promise<", + ") => { getInteractiveUserSessionCookieWithRoleScope(role: string): Promise; getM2MApiCookieCredentialsWithRoleScope(role: string): Promise<", + { + "pluginId": "@kbn/ftr-common-functional-services", + "scope": "common", + "docId": "kibKbnFtrCommonFunctionalServicesPluginApi", + "section": "def-common.CookieCredentials", + "text": "CookieCredentials" + }, + ">; getEmail(role: string): Promise; getUserData(role: string): Promise<", "UserProfile", ">; createM2mApiKeyWithDefaultRoleScope(): Promise<", { @@ -2889,7 +2970,15 @@ "section": "def-common.FtrProviderContext", "text": "FtrProviderContext" }, - ") => { getInteractiveUserSessionCookieWithRoleScope(role: string): Promise; getM2MApiCredentialsWithRoleScope(role: string): Promise<{ Cookie: string; }>; getEmail(role: string): Promise; getUserData(role: string): Promise<", + ") => { getInteractiveUserSessionCookieWithRoleScope(role: string): Promise; getM2MApiCookieCredentialsWithRoleScope(role: string): Promise<", + { + "pluginId": "@kbn/ftr-common-functional-services", + "scope": "common", + "docId": "kibKbnFtrCommonFunctionalServicesPluginApi", + "section": "def-common.CookieCredentials", + "text": "CookieCredentials" + }, + ">; getEmail(role: string): Promise; getUserData(role: string): Promise<", "UserProfile", ">; createM2mApiKeyWithDefaultRoleScope(): Promise<", { @@ -3069,7 +3158,15 @@ "section": "def-common.FtrProviderContext", "text": "FtrProviderContext" }, - ") => { getInteractiveUserSessionCookieWithRoleScope(role: string): Promise; getM2MApiCredentialsWithRoleScope(role: string): Promise<{ Cookie: string; }>; getEmail(role: string): Promise; getUserData(role: string): Promise<", + ") => { getInteractiveUserSessionCookieWithRoleScope(role: string): Promise; getM2MApiCookieCredentialsWithRoleScope(role: string): Promise<", + { + "pluginId": "@kbn/ftr-common-functional-services", + "scope": "common", + "docId": "kibKbnFtrCommonFunctionalServicesPluginApi", + "section": "def-common.CookieCredentials", + "text": "CookieCredentials" + }, + ">; getEmail(role: string): Promise; getUserData(role: string): Promise<", "UserProfile", ">; createM2mApiKeyWithDefaultRoleScope(): Promise<", { @@ -3337,7 +3434,15 @@ "section": "def-common.FtrProviderContext", "text": "FtrProviderContext" }, - ") => { getInteractiveUserSessionCookieWithRoleScope(role: string): Promise; getM2MApiCredentialsWithRoleScope(role: string): Promise<{ Cookie: string; }>; getEmail(role: string): Promise; getUserData(role: string): Promise<", + ") => { getInteractiveUserSessionCookieWithRoleScope(role: string): Promise; getM2MApiCookieCredentialsWithRoleScope(role: string): Promise<", + { + "pluginId": "@kbn/ftr-common-functional-services", + "scope": "common", + "docId": "kibKbnFtrCommonFunctionalServicesPluginApi", + "section": "def-common.CookieCredentials", + "text": "CookieCredentials" + }, + ">; getEmail(role: string): Promise; getUserData(role: string): Promise<", "UserProfile", ">; createM2mApiKeyWithDefaultRoleScope(): Promise<", { @@ -3517,7 +3622,15 @@ "section": "def-common.FtrProviderContext", "text": "FtrProviderContext" }, - ") => { getInteractiveUserSessionCookieWithRoleScope(role: string): Promise; getM2MApiCredentialsWithRoleScope(role: string): Promise<{ Cookie: string; }>; getEmail(role: string): Promise; getUserData(role: string): Promise<", + ") => { getInteractiveUserSessionCookieWithRoleScope(role: string): Promise; getM2MApiCookieCredentialsWithRoleScope(role: string): Promise<", + { + "pluginId": "@kbn/ftr-common-functional-services", + "scope": "common", + "docId": "kibKbnFtrCommonFunctionalServicesPluginApi", + "section": "def-common.CookieCredentials", + "text": "CookieCredentials" + }, + ">; getEmail(role: string): Promise; getUserData(role: string): Promise<", "UserProfile", ">; createM2mApiKeyWithDefaultRoleScope(): Promise<", { @@ -3764,7 +3877,15 @@ "section": "def-common.FtrProviderContext", "text": "FtrProviderContext" }, - ") => { getInteractiveUserSessionCookieWithRoleScope(role: string): Promise; getM2MApiCredentialsWithRoleScope(role: string): Promise<{ Cookie: string; }>; getEmail(role: string): Promise; getUserData(role: string): Promise<", + ") => { getInteractiveUserSessionCookieWithRoleScope(role: string): Promise; getM2MApiCookieCredentialsWithRoleScope(role: string): Promise<", + { + "pluginId": "@kbn/ftr-common-functional-services", + "scope": "common", + "docId": "kibKbnFtrCommonFunctionalServicesPluginApi", + "section": "def-common.CookieCredentials", + "text": "CookieCredentials" + }, + ">; getEmail(role: string): Promise; getUserData(role: string): Promise<", "UserProfile", ">; createM2mApiKeyWithDefaultRoleScope(): Promise<", { @@ -3944,7 +4065,15 @@ "section": "def-common.FtrProviderContext", "text": "FtrProviderContext" }, - ") => { getInteractiveUserSessionCookieWithRoleScope(role: string): Promise; getM2MApiCredentialsWithRoleScope(role: string): Promise<{ Cookie: string; }>; getEmail(role: string): Promise; getUserData(role: string): Promise<", + ") => { getInteractiveUserSessionCookieWithRoleScope(role: string): Promise; getM2MApiCookieCredentialsWithRoleScope(role: string): Promise<", + { + "pluginId": "@kbn/ftr-common-functional-services", + "scope": "common", + "docId": "kibKbnFtrCommonFunctionalServicesPluginApi", + "section": "def-common.CookieCredentials", + "text": "CookieCredentials" + }, + ">; getEmail(role: string): Promise; getUserData(role: string): Promise<", "UserProfile", ">; createM2mApiKeyWithDefaultRoleScope(): Promise<", { @@ -4097,7 +4226,15 @@ "section": "def-common.FtrProviderContext", "text": "FtrProviderContext" }, - ") => { getInteractiveUserSessionCookieWithRoleScope(role: string): Promise; getM2MApiCredentialsWithRoleScope(role: string): Promise<{ Cookie: string; }>; getEmail(role: string): Promise; getUserData(role: string): Promise<", + ") => { getInteractiveUserSessionCookieWithRoleScope(role: string): Promise; getM2MApiCookieCredentialsWithRoleScope(role: string): Promise<", + { + "pluginId": "@kbn/ftr-common-functional-services", + "scope": "common", + "docId": "kibKbnFtrCommonFunctionalServicesPluginApi", + "section": "def-common.CookieCredentials", + "text": "CookieCredentials" + }, + ">; getEmail(role: string): Promise; getUserData(role: string): Promise<", "UserProfile", ">; createM2mApiKeyWithDefaultRoleScope(): Promise<", { @@ -4267,7 +4404,15 @@ "section": "def-common.FtrProviderContext", "text": "FtrProviderContext" }, - ") => { getInteractiveUserSessionCookieWithRoleScope(role: string): Promise; getM2MApiCredentialsWithRoleScope(role: string): Promise<{ Cookie: string; }>; getEmail(role: string): Promise; getUserData(role: string): Promise<", + ") => { getInteractiveUserSessionCookieWithRoleScope(role: string): Promise; getM2MApiCookieCredentialsWithRoleScope(role: string): Promise<", + { + "pluginId": "@kbn/ftr-common-functional-services", + "scope": "common", + "docId": "kibKbnFtrCommonFunctionalServicesPluginApi", + "section": "def-common.CookieCredentials", + "text": "CookieCredentials" + }, + ">; getEmail(role: string): Promise; getUserData(role: string): Promise<", "UserProfile", ">; createM2mApiKeyWithDefaultRoleScope(): Promise<", { @@ -4447,7 +4592,15 @@ "section": "def-common.FtrProviderContext", "text": "FtrProviderContext" }, - ") => { getInteractiveUserSessionCookieWithRoleScope(role: string): Promise; getM2MApiCredentialsWithRoleScope(role: string): Promise<{ Cookie: string; }>; getEmail(role: string): Promise; getUserData(role: string): Promise<", + ") => { getInteractiveUserSessionCookieWithRoleScope(role: string): Promise; getM2MApiCookieCredentialsWithRoleScope(role: string): Promise<", + { + "pluginId": "@kbn/ftr-common-functional-services", + "scope": "common", + "docId": "kibKbnFtrCommonFunctionalServicesPluginApi", + "section": "def-common.CookieCredentials", + "text": "CookieCredentials" + }, + ">; getEmail(role: string): Promise; getUserData(role: string): Promise<", "UserProfile", ">; createM2mApiKeyWithDefaultRoleScope(): Promise<", { @@ -4674,7 +4827,15 @@ "section": "def-common.FtrProviderContext", "text": "FtrProviderContext" }, - ") => { getInteractiveUserSessionCookieWithRoleScope(role: string): Promise; getM2MApiCredentialsWithRoleScope(role: string): Promise<{ Cookie: string; }>; getEmail(role: string): Promise; getUserData(role: string): Promise<", + ") => { getInteractiveUserSessionCookieWithRoleScope(role: string): Promise; getM2MApiCookieCredentialsWithRoleScope(role: string): Promise<", + { + "pluginId": "@kbn/ftr-common-functional-services", + "scope": "common", + "docId": "kibKbnFtrCommonFunctionalServicesPluginApi", + "section": "def-common.CookieCredentials", + "text": "CookieCredentials" + }, + ">; getEmail(role: string): Promise; getUserData(role: string): Promise<", "UserProfile", ">; createM2mApiKeyWithDefaultRoleScope(): Promise<", { @@ -4854,7 +5015,15 @@ "section": "def-common.FtrProviderContext", "text": "FtrProviderContext" }, - ") => { getInteractiveUserSessionCookieWithRoleScope(role: string): Promise; getM2MApiCredentialsWithRoleScope(role: string): Promise<{ Cookie: string; }>; getEmail(role: string): Promise; getUserData(role: string): Promise<", + ") => { getInteractiveUserSessionCookieWithRoleScope(role: string): Promise; getM2MApiCookieCredentialsWithRoleScope(role: string): Promise<", + { + "pluginId": "@kbn/ftr-common-functional-services", + "scope": "common", + "docId": "kibKbnFtrCommonFunctionalServicesPluginApi", + "section": "def-common.CookieCredentials", + "text": "CookieCredentials" + }, + ">; getEmail(role: string): Promise; getUserData(role: string): Promise<", "UserProfile", ">; createM2mApiKeyWithDefaultRoleScope(): Promise<", { @@ -5081,7 +5250,15 @@ "section": "def-common.FtrProviderContext", "text": "FtrProviderContext" }, - ") => { getInteractiveUserSessionCookieWithRoleScope(role: string): Promise; getM2MApiCredentialsWithRoleScope(role: string): Promise<{ Cookie: string; }>; getEmail(role: string): Promise; getUserData(role: string): Promise<", + ") => { getInteractiveUserSessionCookieWithRoleScope(role: string): Promise; getM2MApiCookieCredentialsWithRoleScope(role: string): Promise<", + { + "pluginId": "@kbn/ftr-common-functional-services", + "scope": "common", + "docId": "kibKbnFtrCommonFunctionalServicesPluginApi", + "section": "def-common.CookieCredentials", + "text": "CookieCredentials" + }, + ">; getEmail(role: string): Promise; getUserData(role: string): Promise<", "UserProfile", ">; createM2mApiKeyWithDefaultRoleScope(): Promise<", { @@ -5261,7 +5438,15 @@ "section": "def-common.FtrProviderContext", "text": "FtrProviderContext" }, - ") => { getInteractiveUserSessionCookieWithRoleScope(role: string): Promise; getM2MApiCredentialsWithRoleScope(role: string): Promise<{ Cookie: string; }>; getEmail(role: string): Promise; getUserData(role: string): Promise<", + ") => { getInteractiveUserSessionCookieWithRoleScope(role: string): Promise; getM2MApiCookieCredentialsWithRoleScope(role: string): Promise<", + { + "pluginId": "@kbn/ftr-common-functional-services", + "scope": "common", + "docId": "kibKbnFtrCommonFunctionalServicesPluginApi", + "section": "def-common.CookieCredentials", + "text": "CookieCredentials" + }, + ">; getEmail(role: string): Promise; getUserData(role: string): Promise<", "UserProfile", ">; createM2mApiKeyWithDefaultRoleScope(): Promise<", { @@ -5491,7 +5676,15 @@ "section": "def-common.FtrProviderContext", "text": "FtrProviderContext" }, - ") => { getInteractiveUserSessionCookieWithRoleScope(role: string): Promise; getM2MApiCredentialsWithRoleScope(role: string): Promise<{ Cookie: string; }>; getEmail(role: string): Promise; getUserData(role: string): Promise<", + ") => { getInteractiveUserSessionCookieWithRoleScope(role: string): Promise; getM2MApiCookieCredentialsWithRoleScope(role: string): Promise<", + { + "pluginId": "@kbn/ftr-common-functional-services", + "scope": "common", + "docId": "kibKbnFtrCommonFunctionalServicesPluginApi", + "section": "def-common.CookieCredentials", + "text": "CookieCredentials" + }, + ">; getEmail(role: string): Promise; getUserData(role: string): Promise<", "UserProfile", ">; createM2mApiKeyWithDefaultRoleScope(): Promise<", { @@ -5671,7 +5864,15 @@ "section": "def-common.FtrProviderContext", "text": "FtrProviderContext" }, - ") => { getInteractiveUserSessionCookieWithRoleScope(role: string): Promise; getM2MApiCredentialsWithRoleScope(role: string): Promise<{ Cookie: string; }>; getEmail(role: string): Promise; getUserData(role: string): Promise<", + ") => { getInteractiveUserSessionCookieWithRoleScope(role: string): Promise; getM2MApiCookieCredentialsWithRoleScope(role: string): Promise<", + { + "pluginId": "@kbn/ftr-common-functional-services", + "scope": "common", + "docId": "kibKbnFtrCommonFunctionalServicesPluginApi", + "section": "def-common.CookieCredentials", + "text": "CookieCredentials" + }, + ">; getEmail(role: string): Promise; getUserData(role: string): Promise<", "UserProfile", ">; createM2mApiKeyWithDefaultRoleScope(): Promise<", { diff --git a/api_docs/kbn_ftr_common_functional_services.mdx b/api_docs/kbn_ftr_common_functional_services.mdx index 6b95407b28d3f..0b01afe6d040c 100644 --- a/api_docs/kbn_ftr_common_functional_services.mdx +++ b/api_docs/kbn_ftr_common_functional_services.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-ftr-common-functional-services title: "@kbn/ftr-common-functional-services" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/ftr-common-functional-services plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/ftr-common-functional-services'] --- import kbnFtrCommonFunctionalServicesObj from './kbn_ftr_common_functional_services.devdocs.json'; @@ -21,7 +21,7 @@ Contact [@elastic/kibana-operations](https://github.com/orgs/elastic/teams/kiban | Public API count | Any count | Items lacking comments | Missing exports | |-------------------|-----------|------------------------|-----------------| -| 106 | 0 | 81 | 1 | +| 108 | 0 | 83 | 1 | ## Common diff --git a/api_docs/kbn_ftr_common_functional_ui_services.mdx b/api_docs/kbn_ftr_common_functional_ui_services.mdx index 687166a4e0cb0..7f434326f7fbc 100644 --- a/api_docs/kbn_ftr_common_functional_ui_services.mdx +++ b/api_docs/kbn_ftr_common_functional_ui_services.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-ftr-common-functional-ui-services title: "@kbn/ftr-common-functional-ui-services" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/ftr-common-functional-ui-services plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/ftr-common-functional-ui-services'] --- import kbnFtrCommonFunctionalUiServicesObj from './kbn_ftr_common_functional_ui_services.devdocs.json'; diff --git a/api_docs/kbn_generate.mdx b/api_docs/kbn_generate.mdx index d9ec516ff16c4..ebd8c583cf605 100644 --- a/api_docs/kbn_generate.mdx +++ b/api_docs/kbn_generate.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-generate title: "@kbn/generate" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/generate plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/generate'] --- import kbnGenerateObj from './kbn_generate.devdocs.json'; diff --git a/api_docs/kbn_generate_console_definitions.mdx b/api_docs/kbn_generate_console_definitions.mdx index 937e8d30f73d2..868ed29f3b812 100644 --- a/api_docs/kbn_generate_console_definitions.mdx +++ b/api_docs/kbn_generate_console_definitions.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-generate-console-definitions title: "@kbn/generate-console-definitions" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/generate-console-definitions plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/generate-console-definitions'] --- import kbnGenerateConsoleDefinitionsObj from './kbn_generate_console_definitions.devdocs.json'; diff --git a/api_docs/kbn_generate_csv.mdx b/api_docs/kbn_generate_csv.mdx index b239913fb3ad6..4e1510ea3a4cf 100644 --- a/api_docs/kbn_generate_csv.mdx +++ b/api_docs/kbn_generate_csv.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-generate-csv title: "@kbn/generate-csv" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/generate-csv plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/generate-csv'] --- import kbnGenerateCsvObj from './kbn_generate_csv.devdocs.json'; diff --git a/api_docs/kbn_grid_layout.mdx b/api_docs/kbn_grid_layout.mdx index a37e9b6b037ad..611d2de1d982f 100644 --- a/api_docs/kbn_grid_layout.mdx +++ b/api_docs/kbn_grid_layout.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-grid-layout title: "@kbn/grid-layout" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/grid-layout plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/grid-layout'] --- import kbnGridLayoutObj from './kbn_grid_layout.devdocs.json'; diff --git a/api_docs/kbn_grouping.mdx b/api_docs/kbn_grouping.mdx index de7750f2e5a81..e8de165e89275 100644 --- a/api_docs/kbn_grouping.mdx +++ b/api_docs/kbn_grouping.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-grouping title: "@kbn/grouping" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/grouping plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/grouping'] --- import kbnGroupingObj from './kbn_grouping.devdocs.json'; diff --git a/api_docs/kbn_guided_onboarding.mdx b/api_docs/kbn_guided_onboarding.mdx index 26f5ddf150569..275deed3fdbdc 100644 --- a/api_docs/kbn_guided_onboarding.mdx +++ b/api_docs/kbn_guided_onboarding.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-guided-onboarding title: "@kbn/guided-onboarding" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/guided-onboarding plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/guided-onboarding'] --- import kbnGuidedOnboardingObj from './kbn_guided_onboarding.devdocs.json'; diff --git a/api_docs/kbn_handlebars.mdx b/api_docs/kbn_handlebars.mdx index 05221ecf699d5..2625bd075157e 100644 --- a/api_docs/kbn_handlebars.mdx +++ b/api_docs/kbn_handlebars.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-handlebars title: "@kbn/handlebars" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/handlebars plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/handlebars'] --- import kbnHandlebarsObj from './kbn_handlebars.devdocs.json'; diff --git a/api_docs/kbn_hapi_mocks.mdx b/api_docs/kbn_hapi_mocks.mdx index e379fbd0044c1..0de11a46c7612 100644 --- a/api_docs/kbn_hapi_mocks.mdx +++ b/api_docs/kbn_hapi_mocks.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-hapi-mocks title: "@kbn/hapi-mocks" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/hapi-mocks plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/hapi-mocks'] --- import kbnHapiMocksObj from './kbn_hapi_mocks.devdocs.json'; diff --git a/api_docs/kbn_health_gateway_server.mdx b/api_docs/kbn_health_gateway_server.mdx index 293518f142221..77f9a691a60f2 100644 --- a/api_docs/kbn_health_gateway_server.mdx +++ b/api_docs/kbn_health_gateway_server.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-health-gateway-server title: "@kbn/health-gateway-server" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/health-gateway-server plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/health-gateway-server'] --- import kbnHealthGatewayServerObj from './kbn_health_gateway_server.devdocs.json'; diff --git a/api_docs/kbn_home_sample_data_card.mdx b/api_docs/kbn_home_sample_data_card.mdx index 9a3fd60ab58e4..c5a3c60751653 100644 --- a/api_docs/kbn_home_sample_data_card.mdx +++ b/api_docs/kbn_home_sample_data_card.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-home-sample-data-card title: "@kbn/home-sample-data-card" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/home-sample-data-card plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/home-sample-data-card'] --- import kbnHomeSampleDataCardObj from './kbn_home_sample_data_card.devdocs.json'; diff --git a/api_docs/kbn_home_sample_data_tab.mdx b/api_docs/kbn_home_sample_data_tab.mdx index 43121374d49b4..d336e64f848ee 100644 --- a/api_docs/kbn_home_sample_data_tab.mdx +++ b/api_docs/kbn_home_sample_data_tab.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-home-sample-data-tab title: "@kbn/home-sample-data-tab" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/home-sample-data-tab plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/home-sample-data-tab'] --- import kbnHomeSampleDataTabObj from './kbn_home_sample_data_tab.devdocs.json'; diff --git a/api_docs/kbn_i18n.mdx b/api_docs/kbn_i18n.mdx index 0f1199d5c9582..9de15eceddd4b 100644 --- a/api_docs/kbn_i18n.mdx +++ b/api_docs/kbn_i18n.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-i18n title: "@kbn/i18n" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/i18n plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/i18n'] --- import kbnI18nObj from './kbn_i18n.devdocs.json'; diff --git a/api_docs/kbn_i18n_react.mdx b/api_docs/kbn_i18n_react.mdx index f528e5b6b1f8e..9a1721e7d5238 100644 --- a/api_docs/kbn_i18n_react.mdx +++ b/api_docs/kbn_i18n_react.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-i18n-react title: "@kbn/i18n-react" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/i18n-react plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/i18n-react'] --- import kbnI18nReactObj from './kbn_i18n_react.devdocs.json'; diff --git a/api_docs/kbn_import_resolver.mdx b/api_docs/kbn_import_resolver.mdx index 21d43ffea7ce7..28e030581846a 100644 --- a/api_docs/kbn_import_resolver.mdx +++ b/api_docs/kbn_import_resolver.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-import-resolver title: "@kbn/import-resolver" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/import-resolver plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/import-resolver'] --- import kbnImportResolverObj from './kbn_import_resolver.devdocs.json'; diff --git a/api_docs/kbn_index_management_shared_types.mdx b/api_docs/kbn_index_management_shared_types.mdx index 5b3bec7a0e1f1..71e31aca65572 100644 --- a/api_docs/kbn_index_management_shared_types.mdx +++ b/api_docs/kbn_index_management_shared_types.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-index-management-shared-types title: "@kbn/index-management-shared-types" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/index-management-shared-types plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/index-management-shared-types'] --- import kbnIndexManagementSharedTypesObj from './kbn_index_management_shared_types.devdocs.json'; diff --git a/api_docs/kbn_inference_integration_flyout.mdx b/api_docs/kbn_inference_integration_flyout.mdx index 22e64a3f5e6b1..93ba346755a27 100644 --- a/api_docs/kbn_inference_integration_flyout.mdx +++ b/api_docs/kbn_inference_integration_flyout.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-inference_integration_flyout title: "@kbn/inference_integration_flyout" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/inference_integration_flyout plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/inference_integration_flyout'] --- import kbnInferenceIntegrationFlyoutObj from './kbn_inference_integration_flyout.devdocs.json'; diff --git a/api_docs/kbn_infra_forge.mdx b/api_docs/kbn_infra_forge.mdx index 17d84eab72cb2..f0934e6a1fb19 100644 --- a/api_docs/kbn_infra_forge.mdx +++ b/api_docs/kbn_infra_forge.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-infra-forge title: "@kbn/infra-forge" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/infra-forge plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/infra-forge'] --- import kbnInfraForgeObj from './kbn_infra_forge.devdocs.json'; diff --git a/api_docs/kbn_interpreter.mdx b/api_docs/kbn_interpreter.mdx index 6998285ce622c..1af1924b18213 100644 --- a/api_docs/kbn_interpreter.mdx +++ b/api_docs/kbn_interpreter.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-interpreter title: "@kbn/interpreter" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/interpreter plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/interpreter'] --- import kbnInterpreterObj from './kbn_interpreter.devdocs.json'; diff --git a/api_docs/kbn_investigation_shared.mdx b/api_docs/kbn_investigation_shared.mdx index df103d3cef020..c8ccd6f73f5cf 100644 --- a/api_docs/kbn_investigation_shared.mdx +++ b/api_docs/kbn_investigation_shared.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-investigation-shared title: "@kbn/investigation-shared" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/investigation-shared plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/investigation-shared'] --- import kbnInvestigationSharedObj from './kbn_investigation_shared.devdocs.json'; diff --git a/api_docs/kbn_io_ts_utils.mdx b/api_docs/kbn_io_ts_utils.mdx index ac4c95e21537e..4d99772315f37 100644 --- a/api_docs/kbn_io_ts_utils.mdx +++ b/api_docs/kbn_io_ts_utils.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-io-ts-utils title: "@kbn/io-ts-utils" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/io-ts-utils plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/io-ts-utils'] --- import kbnIoTsUtilsObj from './kbn_io_ts_utils.devdocs.json'; diff --git a/api_docs/kbn_ipynb.mdx b/api_docs/kbn_ipynb.mdx index 40faf789d32ac..a69412659157c 100644 --- a/api_docs/kbn_ipynb.mdx +++ b/api_docs/kbn_ipynb.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-ipynb title: "@kbn/ipynb" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/ipynb plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/ipynb'] --- import kbnIpynbObj from './kbn_ipynb.devdocs.json'; diff --git a/api_docs/kbn_jest_serializers.mdx b/api_docs/kbn_jest_serializers.mdx index d9f7baf1d03e1..ee64021bda464 100644 --- a/api_docs/kbn_jest_serializers.mdx +++ b/api_docs/kbn_jest_serializers.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-jest-serializers title: "@kbn/jest-serializers" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/jest-serializers plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/jest-serializers'] --- import kbnJestSerializersObj from './kbn_jest_serializers.devdocs.json'; diff --git a/api_docs/kbn_journeys.mdx b/api_docs/kbn_journeys.mdx index 50a292dabcb53..e86743aad8296 100644 --- a/api_docs/kbn_journeys.mdx +++ b/api_docs/kbn_journeys.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-journeys title: "@kbn/journeys" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/journeys plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/journeys'] --- import kbnJourneysObj from './kbn_journeys.devdocs.json'; diff --git a/api_docs/kbn_json_ast.mdx b/api_docs/kbn_json_ast.mdx index 18123fb4bb3fd..2b27d1c94f5fe 100644 --- a/api_docs/kbn_json_ast.mdx +++ b/api_docs/kbn_json_ast.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-json-ast title: "@kbn/json-ast" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/json-ast plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/json-ast'] --- import kbnJsonAstObj from './kbn_json_ast.devdocs.json'; diff --git a/api_docs/kbn_json_schemas.mdx b/api_docs/kbn_json_schemas.mdx index f2ad03b489f1f..960b977c357fa 100644 --- a/api_docs/kbn_json_schemas.mdx +++ b/api_docs/kbn_json_schemas.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-json-schemas title: "@kbn/json-schemas" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/json-schemas plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/json-schemas'] --- import kbnJsonSchemasObj from './kbn_json_schemas.devdocs.json'; diff --git a/api_docs/kbn_kibana_manifest_schema.mdx b/api_docs/kbn_kibana_manifest_schema.mdx index 647aa16197929..8e6c94a7fe5c5 100644 --- a/api_docs/kbn_kibana_manifest_schema.mdx +++ b/api_docs/kbn_kibana_manifest_schema.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-kibana-manifest-schema title: "@kbn/kibana-manifest-schema" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/kibana-manifest-schema plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/kibana-manifest-schema'] --- import kbnKibanaManifestSchemaObj from './kbn_kibana_manifest_schema.devdocs.json'; diff --git a/api_docs/kbn_language_documentation_popover.devdocs.json b/api_docs/kbn_language_documentation_popover.devdocs.json index 63df68fdd2a7c..a3879146da8f3 100644 --- a/api_docs/kbn_language_documentation_popover.devdocs.json +++ b/api_docs/kbn_language_documentation_popover.devdocs.json @@ -19,6 +19,70 @@ "common": { "classes": [], "functions": [ + { + "parentPluginId": "@kbn/language-documentation-popover", + "id": "def-common.LanguageDocumentationFlyout", + "type": "Function", + "tags": [], + "label": "LanguageDocumentationFlyout", + "description": [], + "signature": [ + "React.NamedExoticComponent & { readonly type: ({ searchInDescription, linkToDocumentation, isHelpMenuOpen, onHelpMenuVisibilityChange, }: DocumentationFlyoutProps) => JSX.Element; }" + ], + "path": "packages/kbn-language-documentation-popover/src/components/as_flyout/index.tsx", + "deprecated": false, + "trackAdoption": false, + "returnComment": [], + "children": [ + { + "parentPluginId": "@kbn/language-documentation-popover", + "id": "def-common.LanguageDocumentationFlyout.$1", + "type": "Uncategorized", + "tags": [], + "label": "props", + "description": [], + "signature": [ + "P" + ], + "path": "node_modules/@types/react/index.d.ts", + "deprecated": false, + "trackAdoption": false + } + ], + "initialIsOpen": false + }, + { + "parentPluginId": "@kbn/language-documentation-popover", + "id": "def-common.LanguageDocumentationInline", + "type": "Function", + "tags": [], + "label": "LanguageDocumentationInline", + "description": [], + "signature": [ + "React.NamedExoticComponent & { readonly type: ({ searchInDescription }: DocumentationInlineProps) => JSX.Element; }" + ], + "path": "packages/kbn-language-documentation-popover/src/components/as_inline/index.tsx", + "deprecated": false, + "trackAdoption": false, + "returnComment": [], + "children": [ + { + "parentPluginId": "@kbn/language-documentation-popover", + "id": "def-common.LanguageDocumentationInline.$1", + "type": "Uncategorized", + "tags": [], + "label": "props", + "description": [], + "signature": [ + "P" + ], + "path": "node_modules/@types/react/index.d.ts", + "deprecated": false, + "trackAdoption": false + } + ], + "initialIsOpen": false + }, { "parentPluginId": "@kbn/language-documentation-popover", "id": "def-common.LanguageDocumentationPopover", @@ -29,7 +93,7 @@ "signature": [ "React.NamedExoticComponent & { readonly type: ({ language, sections, buttonProps, searchInDescription, linkToDocumentation, isHelpMenuOpen, onHelpMenuVisibilityChange, }: DocumentationPopoverProps) => JSX.Element; }" ], - "path": "packages/kbn-language-documentation-popover/src/components/documentation_popover.tsx", + "path": "packages/kbn-language-documentation-popover/src/components/as_popover/index.tsx", "deprecated": false, "trackAdoption": false, "returnComment": [], @@ -61,7 +125,7 @@ "signature": [ "React.NamedExoticComponent & { readonly type: ({ language, sections, searchInDescription, linkToDocumentation, }: DocumentationProps) => JSX.Element; }" ], - "path": "packages/kbn-language-documentation-popover/src/components/documentation_content.tsx", + "path": "packages/kbn-language-documentation-popover/src/components/as_popover/popover_content.tsx", "deprecated": false, "trackAdoption": false, "returnComment": [], @@ -92,7 +156,7 @@ "tags": [], "label": "LanguageDocumentationSections", "description": [], - "path": "packages/kbn-language-documentation-popover/src/components/documentation_content.tsx", + "path": "packages/kbn-language-documentation-popover/src/types.ts", "deprecated": false, "trackAdoption": false, "children": [ @@ -106,7 +170,7 @@ "signature": [ "{ label: string; description?: string | undefined; items: { label: string; description?: JSX.Element | undefined; }[]; }[]" ], - "path": "packages/kbn-language-documentation-popover/src/components/documentation_content.tsx", + "path": "packages/kbn-language-documentation-popover/src/types.ts", "deprecated": false, "trackAdoption": false }, @@ -120,7 +184,7 @@ "signature": [ "JSX.Element" ], - "path": "packages/kbn-language-documentation-popover/src/components/documentation_content.tsx", + "path": "packages/kbn-language-documentation-popover/src/types.ts", "deprecated": false, "trackAdoption": false } diff --git a/api_docs/kbn_language_documentation_popover.mdx b/api_docs/kbn_language_documentation_popover.mdx index 151b9254e58ae..1aeb66f1c432c 100644 --- a/api_docs/kbn_language_documentation_popover.mdx +++ b/api_docs/kbn_language_documentation_popover.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-language-documentation-popover title: "@kbn/language-documentation-popover" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/language-documentation-popover plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/language-documentation-popover'] --- import kbnLanguageDocumentationPopoverObj from './kbn_language_documentation_popover.devdocs.json'; @@ -21,7 +21,7 @@ Contact [@elastic/kibana-esql](https://github.com/orgs/elastic/teams/kibana-esql | Public API count | Any count | Items lacking comments | Missing exports | |-------------------|-----------|------------------------|-----------------| -| 7 | 0 | 5 | 0 | +| 11 | 0 | 7 | 0 | ## Common diff --git a/api_docs/kbn_lens_embeddable_utils.mdx b/api_docs/kbn_lens_embeddable_utils.mdx index c2630ff7d984c..3d0e122faa3ed 100644 --- a/api_docs/kbn_lens_embeddable_utils.mdx +++ b/api_docs/kbn_lens_embeddable_utils.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-lens-embeddable-utils title: "@kbn/lens-embeddable-utils" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/lens-embeddable-utils plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/lens-embeddable-utils'] --- import kbnLensEmbeddableUtilsObj from './kbn_lens_embeddable_utils.devdocs.json'; diff --git a/api_docs/kbn_lens_formula_docs.mdx b/api_docs/kbn_lens_formula_docs.mdx index 03f4e936557c3..ea64fc29ae107 100644 --- a/api_docs/kbn_lens_formula_docs.mdx +++ b/api_docs/kbn_lens_formula_docs.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-lens-formula-docs title: "@kbn/lens-formula-docs" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/lens-formula-docs plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/lens-formula-docs'] --- import kbnLensFormulaDocsObj from './kbn_lens_formula_docs.devdocs.json'; diff --git a/api_docs/kbn_logging.mdx b/api_docs/kbn_logging.mdx index 4c8645025da80..d8cffe4ccc85e 100644 --- a/api_docs/kbn_logging.mdx +++ b/api_docs/kbn_logging.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-logging title: "@kbn/logging" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/logging plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/logging'] --- import kbnLoggingObj from './kbn_logging.devdocs.json'; diff --git a/api_docs/kbn_logging_mocks.mdx b/api_docs/kbn_logging_mocks.mdx index 8b1aad0c0a7c9..8bc93766c482e 100644 --- a/api_docs/kbn_logging_mocks.mdx +++ b/api_docs/kbn_logging_mocks.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-logging-mocks title: "@kbn/logging-mocks" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/logging-mocks plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/logging-mocks'] --- import kbnLoggingMocksObj from './kbn_logging_mocks.devdocs.json'; diff --git a/api_docs/kbn_managed_content_badge.mdx b/api_docs/kbn_managed_content_badge.mdx index a23110409d23d..561498e5fed4a 100644 --- a/api_docs/kbn_managed_content_badge.mdx +++ b/api_docs/kbn_managed_content_badge.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-managed-content-badge title: "@kbn/managed-content-badge" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/managed-content-badge plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/managed-content-badge'] --- import kbnManagedContentBadgeObj from './kbn_managed_content_badge.devdocs.json'; diff --git a/api_docs/kbn_managed_vscode_config.mdx b/api_docs/kbn_managed_vscode_config.mdx index f8761f2ab1f48..e4d60bd081150 100644 --- a/api_docs/kbn_managed_vscode_config.mdx +++ b/api_docs/kbn_managed_vscode_config.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-managed-vscode-config title: "@kbn/managed-vscode-config" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/managed-vscode-config plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/managed-vscode-config'] --- import kbnManagedVscodeConfigObj from './kbn_managed_vscode_config.devdocs.json'; diff --git a/api_docs/kbn_management_cards_navigation.devdocs.json b/api_docs/kbn_management_cards_navigation.devdocs.json index 1b27bb9518cfd..869f8b691b806 100644 --- a/api_docs/kbn_management_cards_navigation.devdocs.json +++ b/api_docs/kbn_management_cards_navigation.devdocs.json @@ -145,7 +145,7 @@ "label": "hideLinksTo", "description": [], "signature": [ - "(\"transform\" | \"tags\" | \"maintenanceWindows\" | \"dataViews\" | \"spaces\" | \"settings\" | \"data_quality\" | \"filesManagement\" | \"roles\" | \"reporting\" | \"api_keys\" | \"index_management\" | \"ingest_pipelines\" | \"jobsListLink\" | \"objects\" | \"pipelines\" | \"triggersActions\" | \"triggersActionsConnectors\")[] | undefined" + "(\"transform\" | \"tags\" | \"maintenanceWindows\" | \"dataViews\" | \"spaces\" | \"settings\" | \"data_quality\" | \"data_usage\" | \"filesManagement\" | \"roles\" | \"reporting\" | \"api_keys\" | \"index_management\" | \"ingest_pipelines\" | \"jobsListLink\" | \"objects\" | \"pipelines\" | \"triggersActions\" | \"triggersActionsConnectors\")[] | undefined" ], "path": "packages/kbn-management/cards_navigation/src/types.ts", "deprecated": false, @@ -202,7 +202,7 @@ "label": "AppId", "description": [], "signature": [ - "\"transform\" | \"tags\" | \"maintenanceWindows\" | \"dataViews\" | \"spaces\" | \"settings\" | \"data_quality\" | \"filesManagement\" | \"roles\" | \"reporting\" | \"api_keys\" | \"index_management\" | \"ingest_pipelines\" | \"jobsListLink\" | \"objects\" | \"pipelines\" | \"triggersActions\" | \"triggersActionsConnectors\"" + "\"transform\" | \"tags\" | \"maintenanceWindows\" | \"dataViews\" | \"spaces\" | \"settings\" | \"data_quality\" | \"data_usage\" | \"filesManagement\" | \"roles\" | \"reporting\" | \"api_keys\" | \"index_management\" | \"ingest_pipelines\" | \"jobsListLink\" | \"objects\" | \"pipelines\" | \"triggersActions\" | \"triggersActionsConnectors\"" ], "path": "packages/kbn-management/cards_navigation/src/types.ts", "deprecated": false, diff --git a/api_docs/kbn_management_cards_navigation.mdx b/api_docs/kbn_management_cards_navigation.mdx index a7e4fd3f37455..92e1e9bfb8567 100644 --- a/api_docs/kbn_management_cards_navigation.mdx +++ b/api_docs/kbn_management_cards_navigation.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-management-cards-navigation title: "@kbn/management-cards-navigation" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/management-cards-navigation plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/management-cards-navigation'] --- import kbnManagementCardsNavigationObj from './kbn_management_cards_navigation.devdocs.json'; diff --git a/api_docs/kbn_management_settings_application.mdx b/api_docs/kbn_management_settings_application.mdx index 3d4d7f1f111bd..bd69288458650 100644 --- a/api_docs/kbn_management_settings_application.mdx +++ b/api_docs/kbn_management_settings_application.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-management-settings-application title: "@kbn/management-settings-application" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/management-settings-application plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/management-settings-application'] --- import kbnManagementSettingsApplicationObj from './kbn_management_settings_application.devdocs.json'; diff --git a/api_docs/kbn_management_settings_components_field_category.mdx b/api_docs/kbn_management_settings_components_field_category.mdx index d94fe5872054a..64992b8b4fa5e 100644 --- a/api_docs/kbn_management_settings_components_field_category.mdx +++ b/api_docs/kbn_management_settings_components_field_category.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-management-settings-components-field-category title: "@kbn/management-settings-components-field-category" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/management-settings-components-field-category plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/management-settings-components-field-category'] --- import kbnManagementSettingsComponentsFieldCategoryObj from './kbn_management_settings_components_field_category.devdocs.json'; diff --git a/api_docs/kbn_management_settings_components_field_input.mdx b/api_docs/kbn_management_settings_components_field_input.mdx index 35cc0b9d03752..f2e83f90fd4d3 100644 --- a/api_docs/kbn_management_settings_components_field_input.mdx +++ b/api_docs/kbn_management_settings_components_field_input.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-management-settings-components-field-input title: "@kbn/management-settings-components-field-input" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/management-settings-components-field-input plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/management-settings-components-field-input'] --- import kbnManagementSettingsComponentsFieldInputObj from './kbn_management_settings_components_field_input.devdocs.json'; diff --git a/api_docs/kbn_management_settings_components_field_row.mdx b/api_docs/kbn_management_settings_components_field_row.mdx index 34d940d0f248b..9f53a5b60ec0d 100644 --- a/api_docs/kbn_management_settings_components_field_row.mdx +++ b/api_docs/kbn_management_settings_components_field_row.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-management-settings-components-field-row title: "@kbn/management-settings-components-field-row" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/management-settings-components-field-row plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/management-settings-components-field-row'] --- import kbnManagementSettingsComponentsFieldRowObj from './kbn_management_settings_components_field_row.devdocs.json'; diff --git a/api_docs/kbn_management_settings_components_form.mdx b/api_docs/kbn_management_settings_components_form.mdx index 720572b115752..3fc1641619df5 100644 --- a/api_docs/kbn_management_settings_components_form.mdx +++ b/api_docs/kbn_management_settings_components_form.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-management-settings-components-form title: "@kbn/management-settings-components-form" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/management-settings-components-form plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/management-settings-components-form'] --- import kbnManagementSettingsComponentsFormObj from './kbn_management_settings_components_form.devdocs.json'; diff --git a/api_docs/kbn_management_settings_field_definition.mdx b/api_docs/kbn_management_settings_field_definition.mdx index 8070715df2aff..4a12af56fbcbf 100644 --- a/api_docs/kbn_management_settings_field_definition.mdx +++ b/api_docs/kbn_management_settings_field_definition.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-management-settings-field-definition title: "@kbn/management-settings-field-definition" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/management-settings-field-definition plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/management-settings-field-definition'] --- import kbnManagementSettingsFieldDefinitionObj from './kbn_management_settings_field_definition.devdocs.json'; diff --git a/api_docs/kbn_management_settings_ids.mdx b/api_docs/kbn_management_settings_ids.mdx index 7e264c7764225..32c8a42e879cf 100644 --- a/api_docs/kbn_management_settings_ids.mdx +++ b/api_docs/kbn_management_settings_ids.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-management-settings-ids title: "@kbn/management-settings-ids" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/management-settings-ids plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/management-settings-ids'] --- import kbnManagementSettingsIdsObj from './kbn_management_settings_ids.devdocs.json'; diff --git a/api_docs/kbn_management_settings_section_registry.mdx b/api_docs/kbn_management_settings_section_registry.mdx index ba91a364224dc..37cfbf9a6ee5a 100644 --- a/api_docs/kbn_management_settings_section_registry.mdx +++ b/api_docs/kbn_management_settings_section_registry.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-management-settings-section-registry title: "@kbn/management-settings-section-registry" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/management-settings-section-registry plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/management-settings-section-registry'] --- import kbnManagementSettingsSectionRegistryObj from './kbn_management_settings_section_registry.devdocs.json'; diff --git a/api_docs/kbn_management_settings_types.mdx b/api_docs/kbn_management_settings_types.mdx index 87b690f7cf430..7fe34f1f7499e 100644 --- a/api_docs/kbn_management_settings_types.mdx +++ b/api_docs/kbn_management_settings_types.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-management-settings-types title: "@kbn/management-settings-types" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/management-settings-types plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/management-settings-types'] --- import kbnManagementSettingsTypesObj from './kbn_management_settings_types.devdocs.json'; diff --git a/api_docs/kbn_management_settings_utilities.mdx b/api_docs/kbn_management_settings_utilities.mdx index 735129fc1e9f9..147aca08d1c80 100644 --- a/api_docs/kbn_management_settings_utilities.mdx +++ b/api_docs/kbn_management_settings_utilities.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-management-settings-utilities title: "@kbn/management-settings-utilities" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/management-settings-utilities plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/management-settings-utilities'] --- import kbnManagementSettingsUtilitiesObj from './kbn_management_settings_utilities.devdocs.json'; diff --git a/api_docs/kbn_management_storybook_config.mdx b/api_docs/kbn_management_storybook_config.mdx index a0dfbe92bf1d6..cee63cb3e1cb1 100644 --- a/api_docs/kbn_management_storybook_config.mdx +++ b/api_docs/kbn_management_storybook_config.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-management-storybook-config title: "@kbn/management-storybook-config" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/management-storybook-config plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/management-storybook-config'] --- import kbnManagementStorybookConfigObj from './kbn_management_storybook_config.devdocs.json'; diff --git a/api_docs/kbn_mapbox_gl.devdocs.json b/api_docs/kbn_mapbox_gl.devdocs.json index 10fac656166ee..cf9525be91e6e 100644 --- a/api_docs/kbn_mapbox_gl.devdocs.json +++ b/api_docs/kbn_mapbox_gl.devdocs.json @@ -8733,7 +8733,7 @@ "label": "renderingMode", "description": [], "signature": [ - "\"2d\" | \"3d\" | undefined" + "\"3d\" | \"2d\" | undefined" ], "path": "node_modules/maplibre-gl/dist/maplibre-gl.d.ts", "deprecated": false, diff --git a/api_docs/kbn_mapbox_gl.mdx b/api_docs/kbn_mapbox_gl.mdx index 9483667fe3101..8608dc57bc6a7 100644 --- a/api_docs/kbn_mapbox_gl.mdx +++ b/api_docs/kbn_mapbox_gl.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-mapbox-gl title: "@kbn/mapbox-gl" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/mapbox-gl plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/mapbox-gl'] --- import kbnMapboxGlObj from './kbn_mapbox_gl.devdocs.json'; diff --git a/api_docs/kbn_maps_vector_tile_utils.mdx b/api_docs/kbn_maps_vector_tile_utils.mdx index b43df2f5eb337..0c5af93071e02 100644 --- a/api_docs/kbn_maps_vector_tile_utils.mdx +++ b/api_docs/kbn_maps_vector_tile_utils.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-maps-vector-tile-utils title: "@kbn/maps-vector-tile-utils" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/maps-vector-tile-utils plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/maps-vector-tile-utils'] --- import kbnMapsVectorTileUtilsObj from './kbn_maps_vector_tile_utils.devdocs.json'; diff --git a/api_docs/kbn_ml_agg_utils.mdx b/api_docs/kbn_ml_agg_utils.mdx index 5f1b4655137a8..4c113b69ed52d 100644 --- a/api_docs/kbn_ml_agg_utils.mdx +++ b/api_docs/kbn_ml_agg_utils.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-ml-agg-utils title: "@kbn/ml-agg-utils" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/ml-agg-utils plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/ml-agg-utils'] --- import kbnMlAggUtilsObj from './kbn_ml_agg_utils.devdocs.json'; diff --git a/api_docs/kbn_ml_anomaly_utils.devdocs.json b/api_docs/kbn_ml_anomaly_utils.devdocs.json index 3374b3309e786..90796eb0b5e84 100644 --- a/api_docs/kbn_ml_anomaly_utils.devdocs.json +++ b/api_docs/kbn_ml_anomaly_utils.devdocs.json @@ -1554,12 +1554,15 @@ { "parentPluginId": "@kbn/ml-anomaly-utils", "id": "def-common.MlAnomaliesTableRecord.modelPlotEnabled", - "type": "boolean", + "type": "CompoundType", "tags": [], "label": "modelPlotEnabled", "description": [ "\nReturns true if the job has the model plot enabled" ], + "signature": [ + "boolean | undefined" + ], "path": "x-pack/packages/ml/anomaly_utils/types.ts", "deprecated": false, "trackAdoption": false diff --git a/api_docs/kbn_ml_anomaly_utils.mdx b/api_docs/kbn_ml_anomaly_utils.mdx index 1e3b2a4bfe07c..0302a54f6d0c1 100644 --- a/api_docs/kbn_ml_anomaly_utils.mdx +++ b/api_docs/kbn_ml_anomaly_utils.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-ml-anomaly-utils title: "@kbn/ml-anomaly-utils" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/ml-anomaly-utils plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/ml-anomaly-utils'] --- import kbnMlAnomalyUtilsObj from './kbn_ml_anomaly_utils.devdocs.json'; diff --git a/api_docs/kbn_ml_cancellable_search.mdx b/api_docs/kbn_ml_cancellable_search.mdx index 85c7fda88959e..330bbc438ebf4 100644 --- a/api_docs/kbn_ml_cancellable_search.mdx +++ b/api_docs/kbn_ml_cancellable_search.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-ml-cancellable-search title: "@kbn/ml-cancellable-search" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/ml-cancellable-search plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/ml-cancellable-search'] --- import kbnMlCancellableSearchObj from './kbn_ml_cancellable_search.devdocs.json'; diff --git a/api_docs/kbn_ml_category_validator.mdx b/api_docs/kbn_ml_category_validator.mdx index 047405f255340..8428901ef144a 100644 --- a/api_docs/kbn_ml_category_validator.mdx +++ b/api_docs/kbn_ml_category_validator.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-ml-category-validator title: "@kbn/ml-category-validator" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/ml-category-validator plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/ml-category-validator'] --- import kbnMlCategoryValidatorObj from './kbn_ml_category_validator.devdocs.json'; diff --git a/api_docs/kbn_ml_chi2test.mdx b/api_docs/kbn_ml_chi2test.mdx index c6265b02671f8..cec9210edece5 100644 --- a/api_docs/kbn_ml_chi2test.mdx +++ b/api_docs/kbn_ml_chi2test.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-ml-chi2test title: "@kbn/ml-chi2test" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/ml-chi2test plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/ml-chi2test'] --- import kbnMlChi2testObj from './kbn_ml_chi2test.devdocs.json'; diff --git a/api_docs/kbn_ml_data_frame_analytics_utils.mdx b/api_docs/kbn_ml_data_frame_analytics_utils.mdx index d6edb38e108d2..eee4921d398f3 100644 --- a/api_docs/kbn_ml_data_frame_analytics_utils.mdx +++ b/api_docs/kbn_ml_data_frame_analytics_utils.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-ml-data-frame-analytics-utils title: "@kbn/ml-data-frame-analytics-utils" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/ml-data-frame-analytics-utils plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/ml-data-frame-analytics-utils'] --- import kbnMlDataFrameAnalyticsUtilsObj from './kbn_ml_data_frame_analytics_utils.devdocs.json'; diff --git a/api_docs/kbn_ml_data_grid.mdx b/api_docs/kbn_ml_data_grid.mdx index ba6e47aded661..6249238c7100e 100644 --- a/api_docs/kbn_ml_data_grid.mdx +++ b/api_docs/kbn_ml_data_grid.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-ml-data-grid title: "@kbn/ml-data-grid" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/ml-data-grid plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/ml-data-grid'] --- import kbnMlDataGridObj from './kbn_ml_data_grid.devdocs.json'; diff --git a/api_docs/kbn_ml_date_picker.mdx b/api_docs/kbn_ml_date_picker.mdx index ff2c617e6c3a8..83bcbb3817b0f 100644 --- a/api_docs/kbn_ml_date_picker.mdx +++ b/api_docs/kbn_ml_date_picker.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-ml-date-picker title: "@kbn/ml-date-picker" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/ml-date-picker plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/ml-date-picker'] --- import kbnMlDatePickerObj from './kbn_ml_date_picker.devdocs.json'; diff --git a/api_docs/kbn_ml_date_utils.mdx b/api_docs/kbn_ml_date_utils.mdx index 5986e3f00e985..fbbe0626d1b25 100644 --- a/api_docs/kbn_ml_date_utils.mdx +++ b/api_docs/kbn_ml_date_utils.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-ml-date-utils title: "@kbn/ml-date-utils" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/ml-date-utils plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/ml-date-utils'] --- import kbnMlDateUtilsObj from './kbn_ml_date_utils.devdocs.json'; diff --git a/api_docs/kbn_ml_error_utils.mdx b/api_docs/kbn_ml_error_utils.mdx index bd7b6e83e9c54..4d8967ce4716d 100644 --- a/api_docs/kbn_ml_error_utils.mdx +++ b/api_docs/kbn_ml_error_utils.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-ml-error-utils title: "@kbn/ml-error-utils" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/ml-error-utils plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/ml-error-utils'] --- import kbnMlErrorUtilsObj from './kbn_ml_error_utils.devdocs.json'; diff --git a/api_docs/kbn_ml_in_memory_table.mdx b/api_docs/kbn_ml_in_memory_table.mdx index 9b03481dc0477..cf72734da4aff 100644 --- a/api_docs/kbn_ml_in_memory_table.mdx +++ b/api_docs/kbn_ml_in_memory_table.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-ml-in-memory-table title: "@kbn/ml-in-memory-table" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/ml-in-memory-table plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/ml-in-memory-table'] --- import kbnMlInMemoryTableObj from './kbn_ml_in_memory_table.devdocs.json'; diff --git a/api_docs/kbn_ml_is_defined.mdx b/api_docs/kbn_ml_is_defined.mdx index 0cde7c37492c9..d60a2105d1a09 100644 --- a/api_docs/kbn_ml_is_defined.mdx +++ b/api_docs/kbn_ml_is_defined.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-ml-is-defined title: "@kbn/ml-is-defined" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/ml-is-defined plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/ml-is-defined'] --- import kbnMlIsDefinedObj from './kbn_ml_is_defined.devdocs.json'; diff --git a/api_docs/kbn_ml_is_populated_object.mdx b/api_docs/kbn_ml_is_populated_object.mdx index e7a95a6a2d0ae..c771ed4b4d36b 100644 --- a/api_docs/kbn_ml_is_populated_object.mdx +++ b/api_docs/kbn_ml_is_populated_object.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-ml-is-populated-object title: "@kbn/ml-is-populated-object" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/ml-is-populated-object plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/ml-is-populated-object'] --- import kbnMlIsPopulatedObjectObj from './kbn_ml_is_populated_object.devdocs.json'; diff --git a/api_docs/kbn_ml_kibana_theme.mdx b/api_docs/kbn_ml_kibana_theme.mdx index 2490828d20033..0b53670964b75 100644 --- a/api_docs/kbn_ml_kibana_theme.mdx +++ b/api_docs/kbn_ml_kibana_theme.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-ml-kibana-theme title: "@kbn/ml-kibana-theme" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/ml-kibana-theme plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/ml-kibana-theme'] --- import kbnMlKibanaThemeObj from './kbn_ml_kibana_theme.devdocs.json'; diff --git a/api_docs/kbn_ml_local_storage.mdx b/api_docs/kbn_ml_local_storage.mdx index a632b84b050ac..f4492fc4f7e1d 100644 --- a/api_docs/kbn_ml_local_storage.mdx +++ b/api_docs/kbn_ml_local_storage.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-ml-local-storage title: "@kbn/ml-local-storage" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/ml-local-storage plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/ml-local-storage'] --- import kbnMlLocalStorageObj from './kbn_ml_local_storage.devdocs.json'; diff --git a/api_docs/kbn_ml_nested_property.mdx b/api_docs/kbn_ml_nested_property.mdx index d1f06b6a1b213..f11a3dbc91b40 100644 --- a/api_docs/kbn_ml_nested_property.mdx +++ b/api_docs/kbn_ml_nested_property.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-ml-nested-property title: "@kbn/ml-nested-property" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/ml-nested-property plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/ml-nested-property'] --- import kbnMlNestedPropertyObj from './kbn_ml_nested_property.devdocs.json'; diff --git a/api_docs/kbn_ml_number_utils.mdx b/api_docs/kbn_ml_number_utils.mdx index e9ff9bd2f8f6f..7078beea82198 100644 --- a/api_docs/kbn_ml_number_utils.mdx +++ b/api_docs/kbn_ml_number_utils.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-ml-number-utils title: "@kbn/ml-number-utils" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/ml-number-utils plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/ml-number-utils'] --- import kbnMlNumberUtilsObj from './kbn_ml_number_utils.devdocs.json'; diff --git a/api_docs/kbn_ml_query_utils.mdx b/api_docs/kbn_ml_query_utils.mdx index 9451ac2817c18..b7e43de80739d 100644 --- a/api_docs/kbn_ml_query_utils.mdx +++ b/api_docs/kbn_ml_query_utils.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-ml-query-utils title: "@kbn/ml-query-utils" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/ml-query-utils plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/ml-query-utils'] --- import kbnMlQueryUtilsObj from './kbn_ml_query_utils.devdocs.json'; diff --git a/api_docs/kbn_ml_random_sampler_utils.mdx b/api_docs/kbn_ml_random_sampler_utils.mdx index c3d347da0a4c0..1d5fef27ddf5e 100644 --- a/api_docs/kbn_ml_random_sampler_utils.mdx +++ b/api_docs/kbn_ml_random_sampler_utils.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-ml-random-sampler-utils title: "@kbn/ml-random-sampler-utils" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/ml-random-sampler-utils plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/ml-random-sampler-utils'] --- import kbnMlRandomSamplerUtilsObj from './kbn_ml_random_sampler_utils.devdocs.json'; diff --git a/api_docs/kbn_ml_route_utils.mdx b/api_docs/kbn_ml_route_utils.mdx index f038206904ddc..4ac3d0802dd8e 100644 --- a/api_docs/kbn_ml_route_utils.mdx +++ b/api_docs/kbn_ml_route_utils.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-ml-route-utils title: "@kbn/ml-route-utils" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/ml-route-utils plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/ml-route-utils'] --- import kbnMlRouteUtilsObj from './kbn_ml_route_utils.devdocs.json'; diff --git a/api_docs/kbn_ml_runtime_field_utils.mdx b/api_docs/kbn_ml_runtime_field_utils.mdx index d5a7bad532934..9c62d8e102ceb 100644 --- a/api_docs/kbn_ml_runtime_field_utils.mdx +++ b/api_docs/kbn_ml_runtime_field_utils.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-ml-runtime-field-utils title: "@kbn/ml-runtime-field-utils" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/ml-runtime-field-utils plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/ml-runtime-field-utils'] --- import kbnMlRuntimeFieldUtilsObj from './kbn_ml_runtime_field_utils.devdocs.json'; diff --git a/api_docs/kbn_ml_string_hash.mdx b/api_docs/kbn_ml_string_hash.mdx index c4c4cd53f5f1b..c5fd2c474a42e 100644 --- a/api_docs/kbn_ml_string_hash.mdx +++ b/api_docs/kbn_ml_string_hash.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-ml-string-hash title: "@kbn/ml-string-hash" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/ml-string-hash plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/ml-string-hash'] --- import kbnMlStringHashObj from './kbn_ml_string_hash.devdocs.json'; diff --git a/api_docs/kbn_ml_time_buckets.mdx b/api_docs/kbn_ml_time_buckets.mdx index 07b58f68d8d94..e2c52a88f341f 100644 --- a/api_docs/kbn_ml_time_buckets.mdx +++ b/api_docs/kbn_ml_time_buckets.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-ml-time-buckets title: "@kbn/ml-time-buckets" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/ml-time-buckets plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/ml-time-buckets'] --- import kbnMlTimeBucketsObj from './kbn_ml_time_buckets.devdocs.json'; diff --git a/api_docs/kbn_ml_trained_models_utils.mdx b/api_docs/kbn_ml_trained_models_utils.mdx index 0ab5f2feb2727..e6455263686a9 100644 --- a/api_docs/kbn_ml_trained_models_utils.mdx +++ b/api_docs/kbn_ml_trained_models_utils.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-ml-trained-models-utils title: "@kbn/ml-trained-models-utils" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/ml-trained-models-utils plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/ml-trained-models-utils'] --- import kbnMlTrainedModelsUtilsObj from './kbn_ml_trained_models_utils.devdocs.json'; diff --git a/api_docs/kbn_ml_ui_actions.mdx b/api_docs/kbn_ml_ui_actions.mdx index eb24b73ebd288..a46f15a08be6d 100644 --- a/api_docs/kbn_ml_ui_actions.mdx +++ b/api_docs/kbn_ml_ui_actions.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-ml-ui-actions title: "@kbn/ml-ui-actions" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/ml-ui-actions plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/ml-ui-actions'] --- import kbnMlUiActionsObj from './kbn_ml_ui_actions.devdocs.json'; diff --git a/api_docs/kbn_ml_url_state.mdx b/api_docs/kbn_ml_url_state.mdx index 099c21bf7f115..19c30dd290bdf 100644 --- a/api_docs/kbn_ml_url_state.mdx +++ b/api_docs/kbn_ml_url_state.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-ml-url-state title: "@kbn/ml-url-state" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/ml-url-state plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/ml-url-state'] --- import kbnMlUrlStateObj from './kbn_ml_url_state.devdocs.json'; diff --git a/api_docs/kbn_mock_idp_utils.mdx b/api_docs/kbn_mock_idp_utils.mdx index 69c040cbe7954..626f33e40318b 100644 --- a/api_docs/kbn_mock_idp_utils.mdx +++ b/api_docs/kbn_mock_idp_utils.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-mock-idp-utils title: "@kbn/mock-idp-utils" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/mock-idp-utils plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/mock-idp-utils'] --- import kbnMockIdpUtilsObj from './kbn_mock_idp_utils.devdocs.json'; diff --git a/api_docs/kbn_monaco.mdx b/api_docs/kbn_monaco.mdx index eb3e55d42600a..967b9dc9b0a5f 100644 --- a/api_docs/kbn_monaco.mdx +++ b/api_docs/kbn_monaco.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-monaco title: "@kbn/monaco" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/monaco plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/monaco'] --- import kbnMonacoObj from './kbn_monaco.devdocs.json'; diff --git a/api_docs/kbn_object_versioning.mdx b/api_docs/kbn_object_versioning.mdx index 1d2b5ff137dce..3951f8e7a0410 100644 --- a/api_docs/kbn_object_versioning.mdx +++ b/api_docs/kbn_object_versioning.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-object-versioning title: "@kbn/object-versioning" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/object-versioning plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/object-versioning'] --- import kbnObjectVersioningObj from './kbn_object_versioning.devdocs.json'; diff --git a/api_docs/kbn_object_versioning_utils.mdx b/api_docs/kbn_object_versioning_utils.mdx index 7c44879563ee7..3217a9f73542b 100644 --- a/api_docs/kbn_object_versioning_utils.mdx +++ b/api_docs/kbn_object_versioning_utils.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-object-versioning-utils title: "@kbn/object-versioning-utils" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/object-versioning-utils plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/object-versioning-utils'] --- import kbnObjectVersioningUtilsObj from './kbn_object_versioning_utils.devdocs.json'; diff --git a/api_docs/kbn_observability_alert_details.mdx b/api_docs/kbn_observability_alert_details.mdx index 1ee2401efa911..2b4e94b45cfa3 100644 --- a/api_docs/kbn_observability_alert_details.mdx +++ b/api_docs/kbn_observability_alert_details.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-observability-alert-details title: "@kbn/observability-alert-details" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/observability-alert-details plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/observability-alert-details'] --- import kbnObservabilityAlertDetailsObj from './kbn_observability_alert_details.devdocs.json'; diff --git a/api_docs/kbn_observability_alerting_rule_utils.mdx b/api_docs/kbn_observability_alerting_rule_utils.mdx index f4e368a53b240..dd36cbc2aa500 100644 --- a/api_docs/kbn_observability_alerting_rule_utils.mdx +++ b/api_docs/kbn_observability_alerting_rule_utils.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-observability-alerting-rule-utils title: "@kbn/observability-alerting-rule-utils" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/observability-alerting-rule-utils plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/observability-alerting-rule-utils'] --- import kbnObservabilityAlertingRuleUtilsObj from './kbn_observability_alerting_rule_utils.devdocs.json'; diff --git a/api_docs/kbn_observability_alerting_test_data.mdx b/api_docs/kbn_observability_alerting_test_data.mdx index 4692f9939e316..560d2ee996014 100644 --- a/api_docs/kbn_observability_alerting_test_data.mdx +++ b/api_docs/kbn_observability_alerting_test_data.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-observability-alerting-test-data title: "@kbn/observability-alerting-test-data" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/observability-alerting-test-data plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/observability-alerting-test-data'] --- import kbnObservabilityAlertingTestDataObj from './kbn_observability_alerting_test_data.devdocs.json'; diff --git a/api_docs/kbn_observability_get_padded_alert_time_range_util.mdx b/api_docs/kbn_observability_get_padded_alert_time_range_util.mdx index d7698f6c5b2af..a1bba7021a37e 100644 --- a/api_docs/kbn_observability_get_padded_alert_time_range_util.mdx +++ b/api_docs/kbn_observability_get_padded_alert_time_range_util.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-observability-get-padded-alert-time-range-util title: "@kbn/observability-get-padded-alert-time-range-util" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/observability-get-padded-alert-time-range-util plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/observability-get-padded-alert-time-range-util'] --- import kbnObservabilityGetPaddedAlertTimeRangeUtilObj from './kbn_observability_get_padded_alert_time_range_util.devdocs.json'; diff --git a/api_docs/kbn_openapi_bundler.mdx b/api_docs/kbn_openapi_bundler.mdx index 76442e7b0aaee..5ade1ce96ac66 100644 --- a/api_docs/kbn_openapi_bundler.mdx +++ b/api_docs/kbn_openapi_bundler.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-openapi-bundler title: "@kbn/openapi-bundler" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/openapi-bundler plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/openapi-bundler'] --- import kbnOpenapiBundlerObj from './kbn_openapi_bundler.devdocs.json'; diff --git a/api_docs/kbn_openapi_generator.mdx b/api_docs/kbn_openapi_generator.mdx index cb486705d2908..71e36a7054d43 100644 --- a/api_docs/kbn_openapi_generator.mdx +++ b/api_docs/kbn_openapi_generator.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-openapi-generator title: "@kbn/openapi-generator" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/openapi-generator plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/openapi-generator'] --- import kbnOpenapiGeneratorObj from './kbn_openapi_generator.devdocs.json'; diff --git a/api_docs/kbn_optimizer.mdx b/api_docs/kbn_optimizer.mdx index fae9dd763fdce..9dd0338036648 100644 --- a/api_docs/kbn_optimizer.mdx +++ b/api_docs/kbn_optimizer.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-optimizer title: "@kbn/optimizer" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/optimizer plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/optimizer'] --- import kbnOptimizerObj from './kbn_optimizer.devdocs.json'; diff --git a/api_docs/kbn_optimizer_webpack_helpers.mdx b/api_docs/kbn_optimizer_webpack_helpers.mdx index bb3bb9ae70c52..c61c32e1d4d76 100644 --- a/api_docs/kbn_optimizer_webpack_helpers.mdx +++ b/api_docs/kbn_optimizer_webpack_helpers.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-optimizer-webpack-helpers title: "@kbn/optimizer-webpack-helpers" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/optimizer-webpack-helpers plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/optimizer-webpack-helpers'] --- import kbnOptimizerWebpackHelpersObj from './kbn_optimizer_webpack_helpers.devdocs.json'; diff --git a/api_docs/kbn_osquery_io_ts_types.mdx b/api_docs/kbn_osquery_io_ts_types.mdx index cf778264c7d26..783c3e9fdebe1 100644 --- a/api_docs/kbn_osquery_io_ts_types.mdx +++ b/api_docs/kbn_osquery_io_ts_types.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-osquery-io-ts-types title: "@kbn/osquery-io-ts-types" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/osquery-io-ts-types plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/osquery-io-ts-types'] --- import kbnOsqueryIoTsTypesObj from './kbn_osquery_io_ts_types.devdocs.json'; diff --git a/api_docs/kbn_panel_loader.mdx b/api_docs/kbn_panel_loader.mdx index 0292c537db889..f84e89b2cd9e8 100644 --- a/api_docs/kbn_panel_loader.mdx +++ b/api_docs/kbn_panel_loader.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-panel-loader title: "@kbn/panel-loader" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/panel-loader plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/panel-loader'] --- import kbnPanelLoaderObj from './kbn_panel_loader.devdocs.json'; diff --git a/api_docs/kbn_performance_testing_dataset_extractor.mdx b/api_docs/kbn_performance_testing_dataset_extractor.mdx index 36688269f3c51..74f0ba2a3e699 100644 --- a/api_docs/kbn_performance_testing_dataset_extractor.mdx +++ b/api_docs/kbn_performance_testing_dataset_extractor.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-performance-testing-dataset-extractor title: "@kbn/performance-testing-dataset-extractor" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/performance-testing-dataset-extractor plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/performance-testing-dataset-extractor'] --- import kbnPerformanceTestingDatasetExtractorObj from './kbn_performance_testing_dataset_extractor.devdocs.json'; diff --git a/api_docs/kbn_plugin_check.mdx b/api_docs/kbn_plugin_check.mdx index 58b546bf539a5..96938025d5f12 100644 --- a/api_docs/kbn_plugin_check.mdx +++ b/api_docs/kbn_plugin_check.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-plugin-check title: "@kbn/plugin-check" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/plugin-check plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/plugin-check'] --- import kbnPluginCheckObj from './kbn_plugin_check.devdocs.json'; diff --git a/api_docs/kbn_plugin_generator.mdx b/api_docs/kbn_plugin_generator.mdx index c37253ad7c969..a2b4440e01cd9 100644 --- a/api_docs/kbn_plugin_generator.mdx +++ b/api_docs/kbn_plugin_generator.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-plugin-generator title: "@kbn/plugin-generator" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/plugin-generator plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/plugin-generator'] --- import kbnPluginGeneratorObj from './kbn_plugin_generator.devdocs.json'; diff --git a/api_docs/kbn_plugin_helpers.mdx b/api_docs/kbn_plugin_helpers.mdx index cfc1786625795..e8a5d612921f8 100644 --- a/api_docs/kbn_plugin_helpers.mdx +++ b/api_docs/kbn_plugin_helpers.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-plugin-helpers title: "@kbn/plugin-helpers" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/plugin-helpers plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/plugin-helpers'] --- import kbnPluginHelpersObj from './kbn_plugin_helpers.devdocs.json'; diff --git a/api_docs/kbn_presentation_containers.mdx b/api_docs/kbn_presentation_containers.mdx index 76d24aca00b17..093268d1c5e48 100644 --- a/api_docs/kbn_presentation_containers.mdx +++ b/api_docs/kbn_presentation_containers.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-presentation-containers title: "@kbn/presentation-containers" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/presentation-containers plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/presentation-containers'] --- import kbnPresentationContainersObj from './kbn_presentation_containers.devdocs.json'; diff --git a/api_docs/kbn_presentation_publishing.mdx b/api_docs/kbn_presentation_publishing.mdx index 53976516fda7e..e52d6723bc59e 100644 --- a/api_docs/kbn_presentation_publishing.mdx +++ b/api_docs/kbn_presentation_publishing.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-presentation-publishing title: "@kbn/presentation-publishing" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/presentation-publishing plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/presentation-publishing'] --- import kbnPresentationPublishingObj from './kbn_presentation_publishing.devdocs.json'; diff --git a/api_docs/kbn_profiling_utils.mdx b/api_docs/kbn_profiling_utils.mdx index ba1f228fb1281..f1526632ac998 100644 --- a/api_docs/kbn_profiling_utils.mdx +++ b/api_docs/kbn_profiling_utils.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-profiling-utils title: "@kbn/profiling-utils" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/profiling-utils plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/profiling-utils'] --- import kbnProfilingUtilsObj from './kbn_profiling_utils.devdocs.json'; diff --git a/api_docs/kbn_random_sampling.mdx b/api_docs/kbn_random_sampling.mdx index c9660f9140afe..c5c501bbd0468 100644 --- a/api_docs/kbn_random_sampling.mdx +++ b/api_docs/kbn_random_sampling.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-random-sampling title: "@kbn/random-sampling" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/random-sampling plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/random-sampling'] --- import kbnRandomSamplingObj from './kbn_random_sampling.devdocs.json'; diff --git a/api_docs/kbn_react_field.mdx b/api_docs/kbn_react_field.mdx index 17462fc445c23..43507c21c5d55 100644 --- a/api_docs/kbn_react_field.mdx +++ b/api_docs/kbn_react_field.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-react-field title: "@kbn/react-field" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/react-field plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/react-field'] --- import kbnReactFieldObj from './kbn_react_field.devdocs.json'; diff --git a/api_docs/kbn_react_hooks.mdx b/api_docs/kbn_react_hooks.mdx index 0422570a0f427..7a025fb416b72 100644 --- a/api_docs/kbn_react_hooks.mdx +++ b/api_docs/kbn_react_hooks.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-react-hooks title: "@kbn/react-hooks" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/react-hooks plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/react-hooks'] --- import kbnReactHooksObj from './kbn_react_hooks.devdocs.json'; diff --git a/api_docs/kbn_react_kibana_context_common.mdx b/api_docs/kbn_react_kibana_context_common.mdx index afa3073154cd8..3d5f558bfcdc3 100644 --- a/api_docs/kbn_react_kibana_context_common.mdx +++ b/api_docs/kbn_react_kibana_context_common.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-react-kibana-context-common title: "@kbn/react-kibana-context-common" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/react-kibana-context-common plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/react-kibana-context-common'] --- import kbnReactKibanaContextCommonObj from './kbn_react_kibana_context_common.devdocs.json'; diff --git a/api_docs/kbn_react_kibana_context_render.mdx b/api_docs/kbn_react_kibana_context_render.mdx index f2f25f3fc9e91..6a4070152d7b2 100644 --- a/api_docs/kbn_react_kibana_context_render.mdx +++ b/api_docs/kbn_react_kibana_context_render.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-react-kibana-context-render title: "@kbn/react-kibana-context-render" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/react-kibana-context-render plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/react-kibana-context-render'] --- import kbnReactKibanaContextRenderObj from './kbn_react_kibana_context_render.devdocs.json'; diff --git a/api_docs/kbn_react_kibana_context_root.mdx b/api_docs/kbn_react_kibana_context_root.mdx index a5a11e5fe40e8..17427b1839000 100644 --- a/api_docs/kbn_react_kibana_context_root.mdx +++ b/api_docs/kbn_react_kibana_context_root.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-react-kibana-context-root title: "@kbn/react-kibana-context-root" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/react-kibana-context-root plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/react-kibana-context-root'] --- import kbnReactKibanaContextRootObj from './kbn_react_kibana_context_root.devdocs.json'; diff --git a/api_docs/kbn_react_kibana_context_styled.mdx b/api_docs/kbn_react_kibana_context_styled.mdx index 8ff8414a65a6e..c14c49f13bf2c 100644 --- a/api_docs/kbn_react_kibana_context_styled.mdx +++ b/api_docs/kbn_react_kibana_context_styled.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-react-kibana-context-styled title: "@kbn/react-kibana-context-styled" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/react-kibana-context-styled plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/react-kibana-context-styled'] --- import kbnReactKibanaContextStyledObj from './kbn_react_kibana_context_styled.devdocs.json'; diff --git a/api_docs/kbn_react_kibana_context_theme.mdx b/api_docs/kbn_react_kibana_context_theme.mdx index b7651bc7efb6c..b43391865cd14 100644 --- a/api_docs/kbn_react_kibana_context_theme.mdx +++ b/api_docs/kbn_react_kibana_context_theme.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-react-kibana-context-theme title: "@kbn/react-kibana-context-theme" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/react-kibana-context-theme plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/react-kibana-context-theme'] --- import kbnReactKibanaContextThemeObj from './kbn_react_kibana_context_theme.devdocs.json'; diff --git a/api_docs/kbn_react_kibana_mount.mdx b/api_docs/kbn_react_kibana_mount.mdx index de6bdd9ea4828..b28ede79412b5 100644 --- a/api_docs/kbn_react_kibana_mount.mdx +++ b/api_docs/kbn_react_kibana_mount.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-react-kibana-mount title: "@kbn/react-kibana-mount" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/react-kibana-mount plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/react-kibana-mount'] --- import kbnReactKibanaMountObj from './kbn_react_kibana_mount.devdocs.json'; diff --git a/api_docs/kbn_recently_accessed.mdx b/api_docs/kbn_recently_accessed.mdx index 6cbb7cf414131..013f293e89ad0 100644 --- a/api_docs/kbn_recently_accessed.mdx +++ b/api_docs/kbn_recently_accessed.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-recently-accessed title: "@kbn/recently-accessed" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/recently-accessed plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/recently-accessed'] --- import kbnRecentlyAccessedObj from './kbn_recently_accessed.devdocs.json'; diff --git a/api_docs/kbn_repo_file_maps.mdx b/api_docs/kbn_repo_file_maps.mdx index b2742d985a2a5..330d2abdb797e 100644 --- a/api_docs/kbn_repo_file_maps.mdx +++ b/api_docs/kbn_repo_file_maps.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-repo-file-maps title: "@kbn/repo-file-maps" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/repo-file-maps plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/repo-file-maps'] --- import kbnRepoFileMapsObj from './kbn_repo_file_maps.devdocs.json'; diff --git a/api_docs/kbn_repo_linter.mdx b/api_docs/kbn_repo_linter.mdx index b35db8d9a9f46..007dbefecd0d2 100644 --- a/api_docs/kbn_repo_linter.mdx +++ b/api_docs/kbn_repo_linter.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-repo-linter title: "@kbn/repo-linter" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/repo-linter plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/repo-linter'] --- import kbnRepoLinterObj from './kbn_repo_linter.devdocs.json'; diff --git a/api_docs/kbn_repo_path.mdx b/api_docs/kbn_repo_path.mdx index d3711b02973b1..308a7ef29bb0e 100644 --- a/api_docs/kbn_repo_path.mdx +++ b/api_docs/kbn_repo_path.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-repo-path title: "@kbn/repo-path" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/repo-path plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/repo-path'] --- import kbnRepoPathObj from './kbn_repo_path.devdocs.json'; diff --git a/api_docs/kbn_repo_source_classifier.mdx b/api_docs/kbn_repo_source_classifier.mdx index d68396bb4a45c..e29c251a102fd 100644 --- a/api_docs/kbn_repo_source_classifier.mdx +++ b/api_docs/kbn_repo_source_classifier.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-repo-source-classifier title: "@kbn/repo-source-classifier" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/repo-source-classifier plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/repo-source-classifier'] --- import kbnRepoSourceClassifierObj from './kbn_repo_source_classifier.devdocs.json'; diff --git a/api_docs/kbn_reporting_common.mdx b/api_docs/kbn_reporting_common.mdx index 4b684a8e7292e..625fd8b8e6244 100644 --- a/api_docs/kbn_reporting_common.mdx +++ b/api_docs/kbn_reporting_common.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-reporting-common title: "@kbn/reporting-common" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/reporting-common plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/reporting-common'] --- import kbnReportingCommonObj from './kbn_reporting_common.devdocs.json'; diff --git a/api_docs/kbn_reporting_csv_share_panel.mdx b/api_docs/kbn_reporting_csv_share_panel.mdx index 8eaa9d0bac620..d066ae0847f95 100644 --- a/api_docs/kbn_reporting_csv_share_panel.mdx +++ b/api_docs/kbn_reporting_csv_share_panel.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-reporting-csv-share-panel title: "@kbn/reporting-csv-share-panel" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/reporting-csv-share-panel plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/reporting-csv-share-panel'] --- import kbnReportingCsvSharePanelObj from './kbn_reporting_csv_share_panel.devdocs.json'; diff --git a/api_docs/kbn_reporting_export_types_csv.mdx b/api_docs/kbn_reporting_export_types_csv.mdx index ced241558dfd0..db072fbe60154 100644 --- a/api_docs/kbn_reporting_export_types_csv.mdx +++ b/api_docs/kbn_reporting_export_types_csv.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-reporting-export-types-csv title: "@kbn/reporting-export-types-csv" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/reporting-export-types-csv plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/reporting-export-types-csv'] --- import kbnReportingExportTypesCsvObj from './kbn_reporting_export_types_csv.devdocs.json'; diff --git a/api_docs/kbn_reporting_export_types_csv_common.mdx b/api_docs/kbn_reporting_export_types_csv_common.mdx index bb630394d6664..22b8aa3f81a79 100644 --- a/api_docs/kbn_reporting_export_types_csv_common.mdx +++ b/api_docs/kbn_reporting_export_types_csv_common.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-reporting-export-types-csv-common title: "@kbn/reporting-export-types-csv-common" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/reporting-export-types-csv-common plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/reporting-export-types-csv-common'] --- import kbnReportingExportTypesCsvCommonObj from './kbn_reporting_export_types_csv_common.devdocs.json'; diff --git a/api_docs/kbn_reporting_export_types_pdf.mdx b/api_docs/kbn_reporting_export_types_pdf.mdx index 338107ce91112..93d7aa50342ac 100644 --- a/api_docs/kbn_reporting_export_types_pdf.mdx +++ b/api_docs/kbn_reporting_export_types_pdf.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-reporting-export-types-pdf title: "@kbn/reporting-export-types-pdf" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/reporting-export-types-pdf plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/reporting-export-types-pdf'] --- import kbnReportingExportTypesPdfObj from './kbn_reporting_export_types_pdf.devdocs.json'; diff --git a/api_docs/kbn_reporting_export_types_pdf_common.mdx b/api_docs/kbn_reporting_export_types_pdf_common.mdx index 50cadcd9f3283..4ab3a75890cd4 100644 --- a/api_docs/kbn_reporting_export_types_pdf_common.mdx +++ b/api_docs/kbn_reporting_export_types_pdf_common.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-reporting-export-types-pdf-common title: "@kbn/reporting-export-types-pdf-common" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/reporting-export-types-pdf-common plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/reporting-export-types-pdf-common'] --- import kbnReportingExportTypesPdfCommonObj from './kbn_reporting_export_types_pdf_common.devdocs.json'; diff --git a/api_docs/kbn_reporting_export_types_png.mdx b/api_docs/kbn_reporting_export_types_png.mdx index 950ebfb1e3e6f..a8d72e96ab6df 100644 --- a/api_docs/kbn_reporting_export_types_png.mdx +++ b/api_docs/kbn_reporting_export_types_png.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-reporting-export-types-png title: "@kbn/reporting-export-types-png" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/reporting-export-types-png plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/reporting-export-types-png'] --- import kbnReportingExportTypesPngObj from './kbn_reporting_export_types_png.devdocs.json'; diff --git a/api_docs/kbn_reporting_export_types_png_common.mdx b/api_docs/kbn_reporting_export_types_png_common.mdx index b0f2e3c95e09a..5f62347638c95 100644 --- a/api_docs/kbn_reporting_export_types_png_common.mdx +++ b/api_docs/kbn_reporting_export_types_png_common.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-reporting-export-types-png-common title: "@kbn/reporting-export-types-png-common" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/reporting-export-types-png-common plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/reporting-export-types-png-common'] --- import kbnReportingExportTypesPngCommonObj from './kbn_reporting_export_types_png_common.devdocs.json'; diff --git a/api_docs/kbn_reporting_mocks_server.mdx b/api_docs/kbn_reporting_mocks_server.mdx index be42131a1b948..35dc2dcc5021e 100644 --- a/api_docs/kbn_reporting_mocks_server.mdx +++ b/api_docs/kbn_reporting_mocks_server.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-reporting-mocks-server title: "@kbn/reporting-mocks-server" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/reporting-mocks-server plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/reporting-mocks-server'] --- import kbnReportingMocksServerObj from './kbn_reporting_mocks_server.devdocs.json'; diff --git a/api_docs/kbn_reporting_public.mdx b/api_docs/kbn_reporting_public.mdx index f3e33b8083ae6..d6e176f90971d 100644 --- a/api_docs/kbn_reporting_public.mdx +++ b/api_docs/kbn_reporting_public.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-reporting-public title: "@kbn/reporting-public" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/reporting-public plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/reporting-public'] --- import kbnReportingPublicObj from './kbn_reporting_public.devdocs.json'; diff --git a/api_docs/kbn_reporting_server.mdx b/api_docs/kbn_reporting_server.mdx index 117662414b87c..c5839b6e455fa 100644 --- a/api_docs/kbn_reporting_server.mdx +++ b/api_docs/kbn_reporting_server.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-reporting-server title: "@kbn/reporting-server" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/reporting-server plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/reporting-server'] --- import kbnReportingServerObj from './kbn_reporting_server.devdocs.json'; diff --git a/api_docs/kbn_resizable_layout.mdx b/api_docs/kbn_resizable_layout.mdx index 5ef3bafc51881..b73272d3ee342 100644 --- a/api_docs/kbn_resizable_layout.mdx +++ b/api_docs/kbn_resizable_layout.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-resizable-layout title: "@kbn/resizable-layout" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/resizable-layout plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/resizable-layout'] --- import kbnResizableLayoutObj from './kbn_resizable_layout.devdocs.json'; diff --git a/api_docs/kbn_response_ops_feature_flag_service.mdx b/api_docs/kbn_response_ops_feature_flag_service.mdx index 572cb6c28b6a6..b11bce7147c35 100644 --- a/api_docs/kbn_response_ops_feature_flag_service.mdx +++ b/api_docs/kbn_response_ops_feature_flag_service.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-response-ops-feature-flag-service title: "@kbn/response-ops-feature-flag-service" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/response-ops-feature-flag-service plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/response-ops-feature-flag-service'] --- import kbnResponseOpsFeatureFlagServiceObj from './kbn_response_ops_feature_flag_service.devdocs.json'; diff --git a/api_docs/kbn_rison.mdx b/api_docs/kbn_rison.mdx index 88e200383af97..5847166a54698 100644 --- a/api_docs/kbn_rison.mdx +++ b/api_docs/kbn_rison.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-rison title: "@kbn/rison" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/rison plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/rison'] --- import kbnRisonObj from './kbn_rison.devdocs.json'; diff --git a/api_docs/kbn_rollup.mdx b/api_docs/kbn_rollup.mdx index 306db3bb7f5d1..5ba66ef55d0e4 100644 --- a/api_docs/kbn_rollup.mdx +++ b/api_docs/kbn_rollup.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-rollup title: "@kbn/rollup" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/rollup plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/rollup'] --- import kbnRollupObj from './kbn_rollup.devdocs.json'; diff --git a/api_docs/kbn_router_to_openapispec.mdx b/api_docs/kbn_router_to_openapispec.mdx index 2ddb636339998..ca2d2c607866a 100644 --- a/api_docs/kbn_router_to_openapispec.mdx +++ b/api_docs/kbn_router_to_openapispec.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-router-to-openapispec title: "@kbn/router-to-openapispec" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/router-to-openapispec plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/router-to-openapispec'] --- import kbnRouterToOpenapispecObj from './kbn_router_to_openapispec.devdocs.json'; diff --git a/api_docs/kbn_router_utils.mdx b/api_docs/kbn_router_utils.mdx index d85f6c0e8c91d..9f7088a41f727 100644 --- a/api_docs/kbn_router_utils.mdx +++ b/api_docs/kbn_router_utils.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-router-utils title: "@kbn/router-utils" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/router-utils plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/router-utils'] --- import kbnRouterUtilsObj from './kbn_router_utils.devdocs.json'; diff --git a/api_docs/kbn_rrule.mdx b/api_docs/kbn_rrule.mdx index 4480546482f67..761e219f44a45 100644 --- a/api_docs/kbn_rrule.mdx +++ b/api_docs/kbn_rrule.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-rrule title: "@kbn/rrule" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/rrule plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/rrule'] --- import kbnRruleObj from './kbn_rrule.devdocs.json'; diff --git a/api_docs/kbn_rule_data_utils.mdx b/api_docs/kbn_rule_data_utils.mdx index e7fdad85a145e..dd294080f2912 100644 --- a/api_docs/kbn_rule_data_utils.mdx +++ b/api_docs/kbn_rule_data_utils.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-rule-data-utils title: "@kbn/rule-data-utils" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/rule-data-utils plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/rule-data-utils'] --- import kbnRuleDataUtilsObj from './kbn_rule_data_utils.devdocs.json'; diff --git a/api_docs/kbn_saved_objects_settings.mdx b/api_docs/kbn_saved_objects_settings.mdx index 9129945aa7a87..d0264c0a1256d 100644 --- a/api_docs/kbn_saved_objects_settings.mdx +++ b/api_docs/kbn_saved_objects_settings.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-saved-objects-settings title: "@kbn/saved-objects-settings" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/saved-objects-settings plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/saved-objects-settings'] --- import kbnSavedObjectsSettingsObj from './kbn_saved_objects_settings.devdocs.json'; diff --git a/api_docs/kbn_screenshotting_server.mdx b/api_docs/kbn_screenshotting_server.mdx index 55f3a250eb3a6..d534f1b236dec 100644 --- a/api_docs/kbn_screenshotting_server.mdx +++ b/api_docs/kbn_screenshotting_server.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-screenshotting-server title: "@kbn/screenshotting-server" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/screenshotting-server plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/screenshotting-server'] --- import kbnScreenshottingServerObj from './kbn_screenshotting_server.devdocs.json'; diff --git a/api_docs/kbn_search_api_panels.mdx b/api_docs/kbn_search_api_panels.mdx index 52a19b42aef18..bdbb8230ef336 100644 --- a/api_docs/kbn_search_api_panels.mdx +++ b/api_docs/kbn_search_api_panels.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-search-api-panels title: "@kbn/search-api-panels" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/search-api-panels plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/search-api-panels'] --- import kbnSearchApiPanelsObj from './kbn_search_api_panels.devdocs.json'; diff --git a/api_docs/kbn_search_connectors.mdx b/api_docs/kbn_search_connectors.mdx index 5fc123c2a5ead..0bc67b9ff7ba5 100644 --- a/api_docs/kbn_search_connectors.mdx +++ b/api_docs/kbn_search_connectors.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-search-connectors title: "@kbn/search-connectors" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/search-connectors plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/search-connectors'] --- import kbnSearchConnectorsObj from './kbn_search_connectors.devdocs.json'; diff --git a/api_docs/kbn_search_errors.mdx b/api_docs/kbn_search_errors.mdx index 6b1ffc26edc90..d89cc987031b7 100644 --- a/api_docs/kbn_search_errors.mdx +++ b/api_docs/kbn_search_errors.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-search-errors title: "@kbn/search-errors" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/search-errors plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/search-errors'] --- import kbnSearchErrorsObj from './kbn_search_errors.devdocs.json'; diff --git a/api_docs/kbn_search_index_documents.mdx b/api_docs/kbn_search_index_documents.mdx index 85fd3e79f0c2e..a9d521133f4be 100644 --- a/api_docs/kbn_search_index_documents.mdx +++ b/api_docs/kbn_search_index_documents.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-search-index-documents title: "@kbn/search-index-documents" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/search-index-documents plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/search-index-documents'] --- import kbnSearchIndexDocumentsObj from './kbn_search_index_documents.devdocs.json'; diff --git a/api_docs/kbn_search_response_warnings.mdx b/api_docs/kbn_search_response_warnings.mdx index 9571ac22fc124..9c44887a59fac 100644 --- a/api_docs/kbn_search_response_warnings.mdx +++ b/api_docs/kbn_search_response_warnings.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-search-response-warnings title: "@kbn/search-response-warnings" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/search-response-warnings plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/search-response-warnings'] --- import kbnSearchResponseWarningsObj from './kbn_search_response_warnings.devdocs.json'; diff --git a/api_docs/kbn_search_types.mdx b/api_docs/kbn_search_types.mdx index 19bcc3cdf68a2..d1ff681fd4f44 100644 --- a/api_docs/kbn_search_types.mdx +++ b/api_docs/kbn_search_types.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-search-types title: "@kbn/search-types" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/search-types plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/search-types'] --- import kbnSearchTypesObj from './kbn_search_types.devdocs.json'; diff --git a/api_docs/kbn_security_api_key_management.mdx b/api_docs/kbn_security_api_key_management.mdx index 006a96d735b4e..430201c3823e9 100644 --- a/api_docs/kbn_security_api_key_management.mdx +++ b/api_docs/kbn_security_api_key_management.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-security-api-key-management title: "@kbn/security-api-key-management" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/security-api-key-management plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/security-api-key-management'] --- import kbnSecurityApiKeyManagementObj from './kbn_security_api_key_management.devdocs.json'; diff --git a/api_docs/kbn_security_authorization_core.mdx b/api_docs/kbn_security_authorization_core.mdx index b1a92fb35375c..551b7cb7e2ed7 100644 --- a/api_docs/kbn_security_authorization_core.mdx +++ b/api_docs/kbn_security_authorization_core.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-security-authorization-core title: "@kbn/security-authorization-core" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/security-authorization-core plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/security-authorization-core'] --- import kbnSecurityAuthorizationCoreObj from './kbn_security_authorization_core.devdocs.json'; diff --git a/api_docs/kbn_security_form_components.mdx b/api_docs/kbn_security_form_components.mdx index 7938628ce8d28..b977eb5c6b07f 100644 --- a/api_docs/kbn_security_form_components.mdx +++ b/api_docs/kbn_security_form_components.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-security-form-components title: "@kbn/security-form-components" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/security-form-components plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/security-form-components'] --- import kbnSecurityFormComponentsObj from './kbn_security_form_components.devdocs.json'; diff --git a/api_docs/kbn_security_hardening.mdx b/api_docs/kbn_security_hardening.mdx index 6a18814f3b9b5..93d97b71a654d 100644 --- a/api_docs/kbn_security_hardening.mdx +++ b/api_docs/kbn_security_hardening.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-security-hardening title: "@kbn/security-hardening" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/security-hardening plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/security-hardening'] --- import kbnSecurityHardeningObj from './kbn_security_hardening.devdocs.json'; diff --git a/api_docs/kbn_security_plugin_types_common.mdx b/api_docs/kbn_security_plugin_types_common.mdx index 59ce720467e9a..907803e38525b 100644 --- a/api_docs/kbn_security_plugin_types_common.mdx +++ b/api_docs/kbn_security_plugin_types_common.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-security-plugin-types-common title: "@kbn/security-plugin-types-common" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/security-plugin-types-common plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/security-plugin-types-common'] --- import kbnSecurityPluginTypesCommonObj from './kbn_security_plugin_types_common.devdocs.json'; diff --git a/api_docs/kbn_security_plugin_types_public.mdx b/api_docs/kbn_security_plugin_types_public.mdx index 3198428b41f88..226d97fb685e4 100644 --- a/api_docs/kbn_security_plugin_types_public.mdx +++ b/api_docs/kbn_security_plugin_types_public.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-security-plugin-types-public title: "@kbn/security-plugin-types-public" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/security-plugin-types-public plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/security-plugin-types-public'] --- import kbnSecurityPluginTypesPublicObj from './kbn_security_plugin_types_public.devdocs.json'; diff --git a/api_docs/kbn_security_plugin_types_server.mdx b/api_docs/kbn_security_plugin_types_server.mdx index db5ea76d21d26..4c98ea2d4ba89 100644 --- a/api_docs/kbn_security_plugin_types_server.mdx +++ b/api_docs/kbn_security_plugin_types_server.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-security-plugin-types-server title: "@kbn/security-plugin-types-server" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/security-plugin-types-server plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/security-plugin-types-server'] --- import kbnSecurityPluginTypesServerObj from './kbn_security_plugin_types_server.devdocs.json'; diff --git a/api_docs/kbn_security_role_management_model.mdx b/api_docs/kbn_security_role_management_model.mdx index 6384582ce2d8e..73a5349592f9f 100644 --- a/api_docs/kbn_security_role_management_model.mdx +++ b/api_docs/kbn_security_role_management_model.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-security-role-management-model title: "@kbn/security-role-management-model" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/security-role-management-model plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/security-role-management-model'] --- import kbnSecurityRoleManagementModelObj from './kbn_security_role_management_model.devdocs.json'; diff --git a/api_docs/kbn_security_solution_common.mdx b/api_docs/kbn_security_solution_common.mdx index 96441f1ce1a84..2d1be761995a4 100644 --- a/api_docs/kbn_security_solution_common.mdx +++ b/api_docs/kbn_security_solution_common.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-security-solution-common title: "@kbn/security-solution-common" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/security-solution-common plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/security-solution-common'] --- import kbnSecuritySolutionCommonObj from './kbn_security_solution_common.devdocs.json'; diff --git a/api_docs/kbn_security_solution_distribution_bar.mdx b/api_docs/kbn_security_solution_distribution_bar.mdx index 60bedea60d714..8503aa5d74388 100644 --- a/api_docs/kbn_security_solution_distribution_bar.mdx +++ b/api_docs/kbn_security_solution_distribution_bar.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-security-solution-distribution-bar title: "@kbn/security-solution-distribution-bar" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/security-solution-distribution-bar plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/security-solution-distribution-bar'] --- import kbnSecuritySolutionDistributionBarObj from './kbn_security_solution_distribution_bar.devdocs.json'; diff --git a/api_docs/kbn_security_solution_features.mdx b/api_docs/kbn_security_solution_features.mdx index 72d270b61837a..ccfa1fa9d7d13 100644 --- a/api_docs/kbn_security_solution_features.mdx +++ b/api_docs/kbn_security_solution_features.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-security-solution-features title: "@kbn/security-solution-features" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/security-solution-features plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/security-solution-features'] --- import kbnSecuritySolutionFeaturesObj from './kbn_security_solution_features.devdocs.json'; diff --git a/api_docs/kbn_security_solution_navigation.mdx b/api_docs/kbn_security_solution_navigation.mdx index 72d1ea8d681b4..fe03fe3b0e13a 100644 --- a/api_docs/kbn_security_solution_navigation.mdx +++ b/api_docs/kbn_security_solution_navigation.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-security-solution-navigation title: "@kbn/security-solution-navigation" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/security-solution-navigation plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/security-solution-navigation'] --- import kbnSecuritySolutionNavigationObj from './kbn_security_solution_navigation.devdocs.json'; diff --git a/api_docs/kbn_security_solution_side_nav.mdx b/api_docs/kbn_security_solution_side_nav.mdx index d3201cc3a4a51..d4dc7d870615b 100644 --- a/api_docs/kbn_security_solution_side_nav.mdx +++ b/api_docs/kbn_security_solution_side_nav.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-security-solution-side-nav title: "@kbn/security-solution-side-nav" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/security-solution-side-nav plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/security-solution-side-nav'] --- import kbnSecuritySolutionSideNavObj from './kbn_security_solution_side_nav.devdocs.json'; diff --git a/api_docs/kbn_security_solution_storybook_config.mdx b/api_docs/kbn_security_solution_storybook_config.mdx index abc8b792757aa..4c9e135f87832 100644 --- a/api_docs/kbn_security_solution_storybook_config.mdx +++ b/api_docs/kbn_security_solution_storybook_config.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-security-solution-storybook-config title: "@kbn/security-solution-storybook-config" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/security-solution-storybook-config plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/security-solution-storybook-config'] --- import kbnSecuritySolutionStorybookConfigObj from './kbn_security_solution_storybook_config.devdocs.json'; diff --git a/api_docs/kbn_security_ui_components.mdx b/api_docs/kbn_security_ui_components.mdx index baa9faa186cf6..e83036d5ab054 100644 --- a/api_docs/kbn_security_ui_components.mdx +++ b/api_docs/kbn_security_ui_components.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-security-ui-components title: "@kbn/security-ui-components" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/security-ui-components plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/security-ui-components'] --- import kbnSecurityUiComponentsObj from './kbn_security_ui_components.devdocs.json'; diff --git a/api_docs/kbn_securitysolution_autocomplete.mdx b/api_docs/kbn_securitysolution_autocomplete.mdx index 7b2d532d1a2e8..833aeb7ad7fbb 100644 --- a/api_docs/kbn_securitysolution_autocomplete.mdx +++ b/api_docs/kbn_securitysolution_autocomplete.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-securitysolution-autocomplete title: "@kbn/securitysolution-autocomplete" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/securitysolution-autocomplete plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/securitysolution-autocomplete'] --- import kbnSecuritysolutionAutocompleteObj from './kbn_securitysolution_autocomplete.devdocs.json'; diff --git a/api_docs/kbn_securitysolution_data_table.mdx b/api_docs/kbn_securitysolution_data_table.mdx index b2ba3bce1e743..8ba7ec8de8e0e 100644 --- a/api_docs/kbn_securitysolution_data_table.mdx +++ b/api_docs/kbn_securitysolution_data_table.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-securitysolution-data-table title: "@kbn/securitysolution-data-table" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/securitysolution-data-table plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/securitysolution-data-table'] --- import kbnSecuritysolutionDataTableObj from './kbn_securitysolution_data_table.devdocs.json'; diff --git a/api_docs/kbn_securitysolution_ecs.mdx b/api_docs/kbn_securitysolution_ecs.mdx index 13c8ce4879833..498e5e5fed3bf 100644 --- a/api_docs/kbn_securitysolution_ecs.mdx +++ b/api_docs/kbn_securitysolution_ecs.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-securitysolution-ecs title: "@kbn/securitysolution-ecs" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/securitysolution-ecs plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/securitysolution-ecs'] --- import kbnSecuritysolutionEcsObj from './kbn_securitysolution_ecs.devdocs.json'; diff --git a/api_docs/kbn_securitysolution_es_utils.mdx b/api_docs/kbn_securitysolution_es_utils.mdx index f045f8a89fd1c..531a468db9243 100644 --- a/api_docs/kbn_securitysolution_es_utils.mdx +++ b/api_docs/kbn_securitysolution_es_utils.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-securitysolution-es-utils title: "@kbn/securitysolution-es-utils" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/securitysolution-es-utils plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/securitysolution-es-utils'] --- import kbnSecuritysolutionEsUtilsObj from './kbn_securitysolution_es_utils.devdocs.json'; diff --git a/api_docs/kbn_securitysolution_exception_list_components.mdx b/api_docs/kbn_securitysolution_exception_list_components.mdx index 0f133c4b78be9..686633330f022 100644 --- a/api_docs/kbn_securitysolution_exception_list_components.mdx +++ b/api_docs/kbn_securitysolution_exception_list_components.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-securitysolution-exception-list-components title: "@kbn/securitysolution-exception-list-components" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/securitysolution-exception-list-components plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/securitysolution-exception-list-components'] --- import kbnSecuritysolutionExceptionListComponentsObj from './kbn_securitysolution_exception_list_components.devdocs.json'; diff --git a/api_docs/kbn_securitysolution_hook_utils.mdx b/api_docs/kbn_securitysolution_hook_utils.mdx index c52762ae29916..9fc84aa46b2b4 100644 --- a/api_docs/kbn_securitysolution_hook_utils.mdx +++ b/api_docs/kbn_securitysolution_hook_utils.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-securitysolution-hook-utils title: "@kbn/securitysolution-hook-utils" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/securitysolution-hook-utils plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/securitysolution-hook-utils'] --- import kbnSecuritysolutionHookUtilsObj from './kbn_securitysolution_hook_utils.devdocs.json'; diff --git a/api_docs/kbn_securitysolution_io_ts_alerting_types.mdx b/api_docs/kbn_securitysolution_io_ts_alerting_types.mdx index f6ecb50139980..ef945a4a42ca1 100644 --- a/api_docs/kbn_securitysolution_io_ts_alerting_types.mdx +++ b/api_docs/kbn_securitysolution_io_ts_alerting_types.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-securitysolution-io-ts-alerting-types title: "@kbn/securitysolution-io-ts-alerting-types" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/securitysolution-io-ts-alerting-types plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/securitysolution-io-ts-alerting-types'] --- import kbnSecuritysolutionIoTsAlertingTypesObj from './kbn_securitysolution_io_ts_alerting_types.devdocs.json'; diff --git a/api_docs/kbn_securitysolution_io_ts_list_types.mdx b/api_docs/kbn_securitysolution_io_ts_list_types.mdx index 50f3718b74331..318a63cc4d18d 100644 --- a/api_docs/kbn_securitysolution_io_ts_list_types.mdx +++ b/api_docs/kbn_securitysolution_io_ts_list_types.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-securitysolution-io-ts-list-types title: "@kbn/securitysolution-io-ts-list-types" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/securitysolution-io-ts-list-types plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/securitysolution-io-ts-list-types'] --- import kbnSecuritysolutionIoTsListTypesObj from './kbn_securitysolution_io_ts_list_types.devdocs.json'; diff --git a/api_docs/kbn_securitysolution_io_ts_types.mdx b/api_docs/kbn_securitysolution_io_ts_types.mdx index 7c2d3528a6b1c..36736d13b18d3 100644 --- a/api_docs/kbn_securitysolution_io_ts_types.mdx +++ b/api_docs/kbn_securitysolution_io_ts_types.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-securitysolution-io-ts-types title: "@kbn/securitysolution-io-ts-types" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/securitysolution-io-ts-types plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/securitysolution-io-ts-types'] --- import kbnSecuritysolutionIoTsTypesObj from './kbn_securitysolution_io_ts_types.devdocs.json'; diff --git a/api_docs/kbn_securitysolution_io_ts_utils.mdx b/api_docs/kbn_securitysolution_io_ts_utils.mdx index 2f93471f61239..1f9321708acd7 100644 --- a/api_docs/kbn_securitysolution_io_ts_utils.mdx +++ b/api_docs/kbn_securitysolution_io_ts_utils.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-securitysolution-io-ts-utils title: "@kbn/securitysolution-io-ts-utils" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/securitysolution-io-ts-utils plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/securitysolution-io-ts-utils'] --- import kbnSecuritysolutionIoTsUtilsObj from './kbn_securitysolution_io_ts_utils.devdocs.json'; diff --git a/api_docs/kbn_securitysolution_list_api.mdx b/api_docs/kbn_securitysolution_list_api.mdx index e75f70c47bd99..c56286a1cf17a 100644 --- a/api_docs/kbn_securitysolution_list_api.mdx +++ b/api_docs/kbn_securitysolution_list_api.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-securitysolution-list-api title: "@kbn/securitysolution-list-api" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/securitysolution-list-api plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/securitysolution-list-api'] --- import kbnSecuritysolutionListApiObj from './kbn_securitysolution_list_api.devdocs.json'; diff --git a/api_docs/kbn_securitysolution_list_constants.mdx b/api_docs/kbn_securitysolution_list_constants.mdx index e9bf3761a2b3f..a3f01236e42be 100644 --- a/api_docs/kbn_securitysolution_list_constants.mdx +++ b/api_docs/kbn_securitysolution_list_constants.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-securitysolution-list-constants title: "@kbn/securitysolution-list-constants" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/securitysolution-list-constants plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/securitysolution-list-constants'] --- import kbnSecuritysolutionListConstantsObj from './kbn_securitysolution_list_constants.devdocs.json'; diff --git a/api_docs/kbn_securitysolution_list_hooks.mdx b/api_docs/kbn_securitysolution_list_hooks.mdx index 58f900a9b46f4..773e1daec362c 100644 --- a/api_docs/kbn_securitysolution_list_hooks.mdx +++ b/api_docs/kbn_securitysolution_list_hooks.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-securitysolution-list-hooks title: "@kbn/securitysolution-list-hooks" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/securitysolution-list-hooks plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/securitysolution-list-hooks'] --- import kbnSecuritysolutionListHooksObj from './kbn_securitysolution_list_hooks.devdocs.json'; diff --git a/api_docs/kbn_securitysolution_list_utils.mdx b/api_docs/kbn_securitysolution_list_utils.mdx index 54ced479d3d4b..bf31df6242884 100644 --- a/api_docs/kbn_securitysolution_list_utils.mdx +++ b/api_docs/kbn_securitysolution_list_utils.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-securitysolution-list-utils title: "@kbn/securitysolution-list-utils" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/securitysolution-list-utils plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/securitysolution-list-utils'] --- import kbnSecuritysolutionListUtilsObj from './kbn_securitysolution_list_utils.devdocs.json'; diff --git a/api_docs/kbn_securitysolution_rules.mdx b/api_docs/kbn_securitysolution_rules.mdx index 128802154c6f7..b5c2c0ab5d945 100644 --- a/api_docs/kbn_securitysolution_rules.mdx +++ b/api_docs/kbn_securitysolution_rules.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-securitysolution-rules title: "@kbn/securitysolution-rules" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/securitysolution-rules plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/securitysolution-rules'] --- import kbnSecuritysolutionRulesObj from './kbn_securitysolution_rules.devdocs.json'; diff --git a/api_docs/kbn_securitysolution_t_grid.mdx b/api_docs/kbn_securitysolution_t_grid.mdx index 258062397ba83..749914a01e6d7 100644 --- a/api_docs/kbn_securitysolution_t_grid.mdx +++ b/api_docs/kbn_securitysolution_t_grid.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-securitysolution-t-grid title: "@kbn/securitysolution-t-grid" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/securitysolution-t-grid plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/securitysolution-t-grid'] --- import kbnSecuritysolutionTGridObj from './kbn_securitysolution_t_grid.devdocs.json'; diff --git a/api_docs/kbn_securitysolution_utils.mdx b/api_docs/kbn_securitysolution_utils.mdx index 046c0343919bc..6079071cfb138 100644 --- a/api_docs/kbn_securitysolution_utils.mdx +++ b/api_docs/kbn_securitysolution_utils.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-securitysolution-utils title: "@kbn/securitysolution-utils" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/securitysolution-utils plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/securitysolution-utils'] --- import kbnSecuritysolutionUtilsObj from './kbn_securitysolution_utils.devdocs.json'; diff --git a/api_docs/kbn_server_http_tools.mdx b/api_docs/kbn_server_http_tools.mdx index ce7b09f044fe9..9396d7c2232e2 100644 --- a/api_docs/kbn_server_http_tools.mdx +++ b/api_docs/kbn_server_http_tools.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-server-http-tools title: "@kbn/server-http-tools" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/server-http-tools plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/server-http-tools'] --- import kbnServerHttpToolsObj from './kbn_server_http_tools.devdocs.json'; diff --git a/api_docs/kbn_server_route_repository.mdx b/api_docs/kbn_server_route_repository.mdx index 47d04b3dad68a..b44dc646e392e 100644 --- a/api_docs/kbn_server_route_repository.mdx +++ b/api_docs/kbn_server_route_repository.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-server-route-repository title: "@kbn/server-route-repository" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/server-route-repository plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/server-route-repository'] --- import kbnServerRouteRepositoryObj from './kbn_server_route_repository.devdocs.json'; diff --git a/api_docs/kbn_server_route_repository_client.mdx b/api_docs/kbn_server_route_repository_client.mdx index 480dffd2da99c..0add7375192b1 100644 --- a/api_docs/kbn_server_route_repository_client.mdx +++ b/api_docs/kbn_server_route_repository_client.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-server-route-repository-client title: "@kbn/server-route-repository-client" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/server-route-repository-client plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/server-route-repository-client'] --- import kbnServerRouteRepositoryClientObj from './kbn_server_route_repository_client.devdocs.json'; diff --git a/api_docs/kbn_server_route_repository_utils.mdx b/api_docs/kbn_server_route_repository_utils.mdx index 6ab29bcf5c365..d1debbddaca93 100644 --- a/api_docs/kbn_server_route_repository_utils.mdx +++ b/api_docs/kbn_server_route_repository_utils.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-server-route-repository-utils title: "@kbn/server-route-repository-utils" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/server-route-repository-utils plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/server-route-repository-utils'] --- import kbnServerRouteRepositoryUtilsObj from './kbn_server_route_repository_utils.devdocs.json'; diff --git a/api_docs/kbn_serverless_common_settings.mdx b/api_docs/kbn_serverless_common_settings.mdx index 6d77c28eb58fe..e400e245a5666 100644 --- a/api_docs/kbn_serverless_common_settings.mdx +++ b/api_docs/kbn_serverless_common_settings.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-serverless-common-settings title: "@kbn/serverless-common-settings" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/serverless-common-settings plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/serverless-common-settings'] --- import kbnServerlessCommonSettingsObj from './kbn_serverless_common_settings.devdocs.json'; diff --git a/api_docs/kbn_serverless_observability_settings.mdx b/api_docs/kbn_serverless_observability_settings.mdx index 7aa552803667b..69e176fcb4826 100644 --- a/api_docs/kbn_serverless_observability_settings.mdx +++ b/api_docs/kbn_serverless_observability_settings.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-serverless-observability-settings title: "@kbn/serverless-observability-settings" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/serverless-observability-settings plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/serverless-observability-settings'] --- import kbnServerlessObservabilitySettingsObj from './kbn_serverless_observability_settings.devdocs.json'; diff --git a/api_docs/kbn_serverless_project_switcher.mdx b/api_docs/kbn_serverless_project_switcher.mdx index 6783e9c61d43d..63bf5abb87465 100644 --- a/api_docs/kbn_serverless_project_switcher.mdx +++ b/api_docs/kbn_serverless_project_switcher.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-serverless-project-switcher title: "@kbn/serverless-project-switcher" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/serverless-project-switcher plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/serverless-project-switcher'] --- import kbnServerlessProjectSwitcherObj from './kbn_serverless_project_switcher.devdocs.json'; diff --git a/api_docs/kbn_serverless_search_settings.mdx b/api_docs/kbn_serverless_search_settings.mdx index c98ea770ebc77..88d04b09705c6 100644 --- a/api_docs/kbn_serverless_search_settings.mdx +++ b/api_docs/kbn_serverless_search_settings.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-serverless-search-settings title: "@kbn/serverless-search-settings" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/serverless-search-settings plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/serverless-search-settings'] --- import kbnServerlessSearchSettingsObj from './kbn_serverless_search_settings.devdocs.json'; diff --git a/api_docs/kbn_serverless_security_settings.mdx b/api_docs/kbn_serverless_security_settings.mdx index 17d91c23691f0..e1e55d16279c3 100644 --- a/api_docs/kbn_serverless_security_settings.mdx +++ b/api_docs/kbn_serverless_security_settings.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-serverless-security-settings title: "@kbn/serverless-security-settings" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/serverless-security-settings plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/serverless-security-settings'] --- import kbnServerlessSecuritySettingsObj from './kbn_serverless_security_settings.devdocs.json'; diff --git a/api_docs/kbn_serverless_storybook_config.mdx b/api_docs/kbn_serverless_storybook_config.mdx index 1b6f3f3b59e2a..49c01eff9f08b 100644 --- a/api_docs/kbn_serverless_storybook_config.mdx +++ b/api_docs/kbn_serverless_storybook_config.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-serverless-storybook-config title: "@kbn/serverless-storybook-config" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/serverless-storybook-config plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/serverless-storybook-config'] --- import kbnServerlessStorybookConfigObj from './kbn_serverless_storybook_config.devdocs.json'; diff --git a/api_docs/kbn_shared_svg.mdx b/api_docs/kbn_shared_svg.mdx index d981958348228..08a357609c485 100644 --- a/api_docs/kbn_shared_svg.mdx +++ b/api_docs/kbn_shared_svg.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-shared-svg title: "@kbn/shared-svg" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/shared-svg plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/shared-svg'] --- import kbnSharedSvgObj from './kbn_shared_svg.devdocs.json'; diff --git a/api_docs/kbn_shared_ux_avatar_solution.mdx b/api_docs/kbn_shared_ux_avatar_solution.mdx index f7f2ce9ea8a0a..fb3eaac8e1e27 100644 --- a/api_docs/kbn_shared_ux_avatar_solution.mdx +++ b/api_docs/kbn_shared_ux_avatar_solution.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-shared-ux-avatar-solution title: "@kbn/shared-ux-avatar-solution" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/shared-ux-avatar-solution plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/shared-ux-avatar-solution'] --- import kbnSharedUxAvatarSolutionObj from './kbn_shared_ux_avatar_solution.devdocs.json'; diff --git a/api_docs/kbn_shared_ux_button_exit_full_screen.mdx b/api_docs/kbn_shared_ux_button_exit_full_screen.mdx index ac67d13cb2317..de3cc1de65686 100644 --- a/api_docs/kbn_shared_ux_button_exit_full_screen.mdx +++ b/api_docs/kbn_shared_ux_button_exit_full_screen.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-shared-ux-button-exit-full-screen title: "@kbn/shared-ux-button-exit-full-screen" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/shared-ux-button-exit-full-screen plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/shared-ux-button-exit-full-screen'] --- import kbnSharedUxButtonExitFullScreenObj from './kbn_shared_ux_button_exit_full_screen.devdocs.json'; diff --git a/api_docs/kbn_shared_ux_button_toolbar.mdx b/api_docs/kbn_shared_ux_button_toolbar.mdx index 1c93664d81b7e..ea3a14ecee95e 100644 --- a/api_docs/kbn_shared_ux_button_toolbar.mdx +++ b/api_docs/kbn_shared_ux_button_toolbar.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-shared-ux-button-toolbar title: "@kbn/shared-ux-button-toolbar" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/shared-ux-button-toolbar plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/shared-ux-button-toolbar'] --- import kbnSharedUxButtonToolbarObj from './kbn_shared_ux_button_toolbar.devdocs.json'; diff --git a/api_docs/kbn_shared_ux_card_no_data.mdx b/api_docs/kbn_shared_ux_card_no_data.mdx index 37f87f2c0f709..2c885efc3b477 100644 --- a/api_docs/kbn_shared_ux_card_no_data.mdx +++ b/api_docs/kbn_shared_ux_card_no_data.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-shared-ux-card-no-data title: "@kbn/shared-ux-card-no-data" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/shared-ux-card-no-data plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/shared-ux-card-no-data'] --- import kbnSharedUxCardNoDataObj from './kbn_shared_ux_card_no_data.devdocs.json'; diff --git a/api_docs/kbn_shared_ux_card_no_data_mocks.mdx b/api_docs/kbn_shared_ux_card_no_data_mocks.mdx index 4bef06f610198..17cc3985df693 100644 --- a/api_docs/kbn_shared_ux_card_no_data_mocks.mdx +++ b/api_docs/kbn_shared_ux_card_no_data_mocks.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-shared-ux-card-no-data-mocks title: "@kbn/shared-ux-card-no-data-mocks" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/shared-ux-card-no-data-mocks plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/shared-ux-card-no-data-mocks'] --- import kbnSharedUxCardNoDataMocksObj from './kbn_shared_ux_card_no_data_mocks.devdocs.json'; diff --git a/api_docs/kbn_shared_ux_chrome_navigation.mdx b/api_docs/kbn_shared_ux_chrome_navigation.mdx index 9171277f5ac32..2fe86f20afe94 100644 --- a/api_docs/kbn_shared_ux_chrome_navigation.mdx +++ b/api_docs/kbn_shared_ux_chrome_navigation.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-shared-ux-chrome-navigation title: "@kbn/shared-ux-chrome-navigation" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/shared-ux-chrome-navigation plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/shared-ux-chrome-navigation'] --- import kbnSharedUxChromeNavigationObj from './kbn_shared_ux_chrome_navigation.devdocs.json'; diff --git a/api_docs/kbn_shared_ux_error_boundary.mdx b/api_docs/kbn_shared_ux_error_boundary.mdx index 190e4fbbbc7aa..8a6ea5e7d5e1a 100644 --- a/api_docs/kbn_shared_ux_error_boundary.mdx +++ b/api_docs/kbn_shared_ux_error_boundary.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-shared-ux-error-boundary title: "@kbn/shared-ux-error-boundary" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/shared-ux-error-boundary plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/shared-ux-error-boundary'] --- import kbnSharedUxErrorBoundaryObj from './kbn_shared_ux_error_boundary.devdocs.json'; diff --git a/api_docs/kbn_shared_ux_file_context.mdx b/api_docs/kbn_shared_ux_file_context.mdx index 87aee4cc2d8f4..1f3d3787e97b3 100644 --- a/api_docs/kbn_shared_ux_file_context.mdx +++ b/api_docs/kbn_shared_ux_file_context.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-shared-ux-file-context title: "@kbn/shared-ux-file-context" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/shared-ux-file-context plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/shared-ux-file-context'] --- import kbnSharedUxFileContextObj from './kbn_shared_ux_file_context.devdocs.json'; diff --git a/api_docs/kbn_shared_ux_file_image.mdx b/api_docs/kbn_shared_ux_file_image.mdx index cff0527d84169..d7c5702615c03 100644 --- a/api_docs/kbn_shared_ux_file_image.mdx +++ b/api_docs/kbn_shared_ux_file_image.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-shared-ux-file-image title: "@kbn/shared-ux-file-image" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/shared-ux-file-image plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/shared-ux-file-image'] --- import kbnSharedUxFileImageObj from './kbn_shared_ux_file_image.devdocs.json'; diff --git a/api_docs/kbn_shared_ux_file_image_mocks.mdx b/api_docs/kbn_shared_ux_file_image_mocks.mdx index f6fb4fa262770..433920e7f2a82 100644 --- a/api_docs/kbn_shared_ux_file_image_mocks.mdx +++ b/api_docs/kbn_shared_ux_file_image_mocks.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-shared-ux-file-image-mocks title: "@kbn/shared-ux-file-image-mocks" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/shared-ux-file-image-mocks plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/shared-ux-file-image-mocks'] --- import kbnSharedUxFileImageMocksObj from './kbn_shared_ux_file_image_mocks.devdocs.json'; diff --git a/api_docs/kbn_shared_ux_file_mocks.mdx b/api_docs/kbn_shared_ux_file_mocks.mdx index b1bd2e467f08b..776c77925ca2c 100644 --- a/api_docs/kbn_shared_ux_file_mocks.mdx +++ b/api_docs/kbn_shared_ux_file_mocks.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-shared-ux-file-mocks title: "@kbn/shared-ux-file-mocks" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/shared-ux-file-mocks plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/shared-ux-file-mocks'] --- import kbnSharedUxFileMocksObj from './kbn_shared_ux_file_mocks.devdocs.json'; diff --git a/api_docs/kbn_shared_ux_file_picker.mdx b/api_docs/kbn_shared_ux_file_picker.mdx index a387d90e06596..ff85e6cb9ef13 100644 --- a/api_docs/kbn_shared_ux_file_picker.mdx +++ b/api_docs/kbn_shared_ux_file_picker.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-shared-ux-file-picker title: "@kbn/shared-ux-file-picker" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/shared-ux-file-picker plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/shared-ux-file-picker'] --- import kbnSharedUxFilePickerObj from './kbn_shared_ux_file_picker.devdocs.json'; diff --git a/api_docs/kbn_shared_ux_file_types.mdx b/api_docs/kbn_shared_ux_file_types.mdx index a53952c52a767..c34da905340bf 100644 --- a/api_docs/kbn_shared_ux_file_types.mdx +++ b/api_docs/kbn_shared_ux_file_types.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-shared-ux-file-types title: "@kbn/shared-ux-file-types" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/shared-ux-file-types plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/shared-ux-file-types'] --- import kbnSharedUxFileTypesObj from './kbn_shared_ux_file_types.devdocs.json'; diff --git a/api_docs/kbn_shared_ux_file_upload.mdx b/api_docs/kbn_shared_ux_file_upload.mdx index cd3b674ec0938..7e2e1d3cdf8be 100644 --- a/api_docs/kbn_shared_ux_file_upload.mdx +++ b/api_docs/kbn_shared_ux_file_upload.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-shared-ux-file-upload title: "@kbn/shared-ux-file-upload" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/shared-ux-file-upload plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/shared-ux-file-upload'] --- import kbnSharedUxFileUploadObj from './kbn_shared_ux_file_upload.devdocs.json'; diff --git a/api_docs/kbn_shared_ux_file_util.mdx b/api_docs/kbn_shared_ux_file_util.mdx index b3e65d9ef7606..2916508704eed 100644 --- a/api_docs/kbn_shared_ux_file_util.mdx +++ b/api_docs/kbn_shared_ux_file_util.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-shared-ux-file-util title: "@kbn/shared-ux-file-util" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/shared-ux-file-util plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/shared-ux-file-util'] --- import kbnSharedUxFileUtilObj from './kbn_shared_ux_file_util.devdocs.json'; diff --git a/api_docs/kbn_shared_ux_link_redirect_app.mdx b/api_docs/kbn_shared_ux_link_redirect_app.mdx index caebf9395fedc..3fb8e93c040f5 100644 --- a/api_docs/kbn_shared_ux_link_redirect_app.mdx +++ b/api_docs/kbn_shared_ux_link_redirect_app.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-shared-ux-link-redirect-app title: "@kbn/shared-ux-link-redirect-app" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/shared-ux-link-redirect-app plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/shared-ux-link-redirect-app'] --- import kbnSharedUxLinkRedirectAppObj from './kbn_shared_ux_link_redirect_app.devdocs.json'; diff --git a/api_docs/kbn_shared_ux_link_redirect_app_mocks.mdx b/api_docs/kbn_shared_ux_link_redirect_app_mocks.mdx index 1235397985595..468a75505fc68 100644 --- a/api_docs/kbn_shared_ux_link_redirect_app_mocks.mdx +++ b/api_docs/kbn_shared_ux_link_redirect_app_mocks.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-shared-ux-link-redirect-app-mocks title: "@kbn/shared-ux-link-redirect-app-mocks" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/shared-ux-link-redirect-app-mocks plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/shared-ux-link-redirect-app-mocks'] --- import kbnSharedUxLinkRedirectAppMocksObj from './kbn_shared_ux_link_redirect_app_mocks.devdocs.json'; diff --git a/api_docs/kbn_shared_ux_markdown.mdx b/api_docs/kbn_shared_ux_markdown.mdx index 2f28b139d3ed9..b7e26e3a325a1 100644 --- a/api_docs/kbn_shared_ux_markdown.mdx +++ b/api_docs/kbn_shared_ux_markdown.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-shared-ux-markdown title: "@kbn/shared-ux-markdown" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/shared-ux-markdown plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/shared-ux-markdown'] --- import kbnSharedUxMarkdownObj from './kbn_shared_ux_markdown.devdocs.json'; diff --git a/api_docs/kbn_shared_ux_markdown_mocks.mdx b/api_docs/kbn_shared_ux_markdown_mocks.mdx index eca75c00b2de9..a9af6dd596ee8 100644 --- a/api_docs/kbn_shared_ux_markdown_mocks.mdx +++ b/api_docs/kbn_shared_ux_markdown_mocks.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-shared-ux-markdown-mocks title: "@kbn/shared-ux-markdown-mocks" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/shared-ux-markdown-mocks plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/shared-ux-markdown-mocks'] --- import kbnSharedUxMarkdownMocksObj from './kbn_shared_ux_markdown_mocks.devdocs.json'; diff --git a/api_docs/kbn_shared_ux_page_analytics_no_data.mdx b/api_docs/kbn_shared_ux_page_analytics_no_data.mdx index e5e0a75ccc259..50ced0c469c6a 100644 --- a/api_docs/kbn_shared_ux_page_analytics_no_data.mdx +++ b/api_docs/kbn_shared_ux_page_analytics_no_data.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-shared-ux-page-analytics-no-data title: "@kbn/shared-ux-page-analytics-no-data" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/shared-ux-page-analytics-no-data plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/shared-ux-page-analytics-no-data'] --- import kbnSharedUxPageAnalyticsNoDataObj from './kbn_shared_ux_page_analytics_no_data.devdocs.json'; diff --git a/api_docs/kbn_shared_ux_page_analytics_no_data_mocks.mdx b/api_docs/kbn_shared_ux_page_analytics_no_data_mocks.mdx index 41dbf025c083f..9b0d832459f6a 100644 --- a/api_docs/kbn_shared_ux_page_analytics_no_data_mocks.mdx +++ b/api_docs/kbn_shared_ux_page_analytics_no_data_mocks.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-shared-ux-page-analytics-no-data-mocks title: "@kbn/shared-ux-page-analytics-no-data-mocks" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/shared-ux-page-analytics-no-data-mocks plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/shared-ux-page-analytics-no-data-mocks'] --- import kbnSharedUxPageAnalyticsNoDataMocksObj from './kbn_shared_ux_page_analytics_no_data_mocks.devdocs.json'; diff --git a/api_docs/kbn_shared_ux_page_kibana_no_data.mdx b/api_docs/kbn_shared_ux_page_kibana_no_data.mdx index d3434cf5aaf85..c6efae402cd7d 100644 --- a/api_docs/kbn_shared_ux_page_kibana_no_data.mdx +++ b/api_docs/kbn_shared_ux_page_kibana_no_data.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-shared-ux-page-kibana-no-data title: "@kbn/shared-ux-page-kibana-no-data" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/shared-ux-page-kibana-no-data plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/shared-ux-page-kibana-no-data'] --- import kbnSharedUxPageKibanaNoDataObj from './kbn_shared_ux_page_kibana_no_data.devdocs.json'; diff --git a/api_docs/kbn_shared_ux_page_kibana_no_data_mocks.mdx b/api_docs/kbn_shared_ux_page_kibana_no_data_mocks.mdx index 653c4ae035748..a610a7d039891 100644 --- a/api_docs/kbn_shared_ux_page_kibana_no_data_mocks.mdx +++ b/api_docs/kbn_shared_ux_page_kibana_no_data_mocks.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-shared-ux-page-kibana-no-data-mocks title: "@kbn/shared-ux-page-kibana-no-data-mocks" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/shared-ux-page-kibana-no-data-mocks plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/shared-ux-page-kibana-no-data-mocks'] --- import kbnSharedUxPageKibanaNoDataMocksObj from './kbn_shared_ux_page_kibana_no_data_mocks.devdocs.json'; diff --git a/api_docs/kbn_shared_ux_page_kibana_template.mdx b/api_docs/kbn_shared_ux_page_kibana_template.mdx index e0b0186b16a64..c0e6fc9cce67e 100644 --- a/api_docs/kbn_shared_ux_page_kibana_template.mdx +++ b/api_docs/kbn_shared_ux_page_kibana_template.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-shared-ux-page-kibana-template title: "@kbn/shared-ux-page-kibana-template" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/shared-ux-page-kibana-template plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/shared-ux-page-kibana-template'] --- import kbnSharedUxPageKibanaTemplateObj from './kbn_shared_ux_page_kibana_template.devdocs.json'; diff --git a/api_docs/kbn_shared_ux_page_kibana_template_mocks.mdx b/api_docs/kbn_shared_ux_page_kibana_template_mocks.mdx index 1c8337c173817..15ac61055a3c4 100644 --- a/api_docs/kbn_shared_ux_page_kibana_template_mocks.mdx +++ b/api_docs/kbn_shared_ux_page_kibana_template_mocks.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-shared-ux-page-kibana-template-mocks title: "@kbn/shared-ux-page-kibana-template-mocks" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/shared-ux-page-kibana-template-mocks plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/shared-ux-page-kibana-template-mocks'] --- import kbnSharedUxPageKibanaTemplateMocksObj from './kbn_shared_ux_page_kibana_template_mocks.devdocs.json'; diff --git a/api_docs/kbn_shared_ux_page_no_data.mdx b/api_docs/kbn_shared_ux_page_no_data.mdx index 8495d47f914bc..732e72914177f 100644 --- a/api_docs/kbn_shared_ux_page_no_data.mdx +++ b/api_docs/kbn_shared_ux_page_no_data.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-shared-ux-page-no-data title: "@kbn/shared-ux-page-no-data" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/shared-ux-page-no-data plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/shared-ux-page-no-data'] --- import kbnSharedUxPageNoDataObj from './kbn_shared_ux_page_no_data.devdocs.json'; diff --git a/api_docs/kbn_shared_ux_page_no_data_config.mdx b/api_docs/kbn_shared_ux_page_no_data_config.mdx index 5b7588c110621..04e01ad524697 100644 --- a/api_docs/kbn_shared_ux_page_no_data_config.mdx +++ b/api_docs/kbn_shared_ux_page_no_data_config.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-shared-ux-page-no-data-config title: "@kbn/shared-ux-page-no-data-config" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/shared-ux-page-no-data-config plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/shared-ux-page-no-data-config'] --- import kbnSharedUxPageNoDataConfigObj from './kbn_shared_ux_page_no_data_config.devdocs.json'; diff --git a/api_docs/kbn_shared_ux_page_no_data_config_mocks.mdx b/api_docs/kbn_shared_ux_page_no_data_config_mocks.mdx index d020903accff5..fd6efac3677b8 100644 --- a/api_docs/kbn_shared_ux_page_no_data_config_mocks.mdx +++ b/api_docs/kbn_shared_ux_page_no_data_config_mocks.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-shared-ux-page-no-data-config-mocks title: "@kbn/shared-ux-page-no-data-config-mocks" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/shared-ux-page-no-data-config-mocks plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/shared-ux-page-no-data-config-mocks'] --- import kbnSharedUxPageNoDataConfigMocksObj from './kbn_shared_ux_page_no_data_config_mocks.devdocs.json'; diff --git a/api_docs/kbn_shared_ux_page_no_data_mocks.mdx b/api_docs/kbn_shared_ux_page_no_data_mocks.mdx index 2d05f399289e2..640aacf851153 100644 --- a/api_docs/kbn_shared_ux_page_no_data_mocks.mdx +++ b/api_docs/kbn_shared_ux_page_no_data_mocks.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-shared-ux-page-no-data-mocks title: "@kbn/shared-ux-page-no-data-mocks" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/shared-ux-page-no-data-mocks plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/shared-ux-page-no-data-mocks'] --- import kbnSharedUxPageNoDataMocksObj from './kbn_shared_ux_page_no_data_mocks.devdocs.json'; diff --git a/api_docs/kbn_shared_ux_page_solution_nav.mdx b/api_docs/kbn_shared_ux_page_solution_nav.mdx index f52c714b7680d..55da6e727db31 100644 --- a/api_docs/kbn_shared_ux_page_solution_nav.mdx +++ b/api_docs/kbn_shared_ux_page_solution_nav.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-shared-ux-page-solution-nav title: "@kbn/shared-ux-page-solution-nav" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/shared-ux-page-solution-nav plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/shared-ux-page-solution-nav'] --- import kbnSharedUxPageSolutionNavObj from './kbn_shared_ux_page_solution_nav.devdocs.json'; diff --git a/api_docs/kbn_shared_ux_prompt_no_data_views.mdx b/api_docs/kbn_shared_ux_prompt_no_data_views.mdx index dd44dc1f48854..3cca1c55c90c1 100644 --- a/api_docs/kbn_shared_ux_prompt_no_data_views.mdx +++ b/api_docs/kbn_shared_ux_prompt_no_data_views.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-shared-ux-prompt-no-data-views title: "@kbn/shared-ux-prompt-no-data-views" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/shared-ux-prompt-no-data-views plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/shared-ux-prompt-no-data-views'] --- import kbnSharedUxPromptNoDataViewsObj from './kbn_shared_ux_prompt_no_data_views.devdocs.json'; diff --git a/api_docs/kbn_shared_ux_prompt_no_data_views_mocks.mdx b/api_docs/kbn_shared_ux_prompt_no_data_views_mocks.mdx index 9c8e17b814489..013b6710af92b 100644 --- a/api_docs/kbn_shared_ux_prompt_no_data_views_mocks.mdx +++ b/api_docs/kbn_shared_ux_prompt_no_data_views_mocks.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-shared-ux-prompt-no-data-views-mocks title: "@kbn/shared-ux-prompt-no-data-views-mocks" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/shared-ux-prompt-no-data-views-mocks plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/shared-ux-prompt-no-data-views-mocks'] --- import kbnSharedUxPromptNoDataViewsMocksObj from './kbn_shared_ux_prompt_no_data_views_mocks.devdocs.json'; diff --git a/api_docs/kbn_shared_ux_prompt_not_found.mdx b/api_docs/kbn_shared_ux_prompt_not_found.mdx index a46fa56326bef..1e75b502b6071 100644 --- a/api_docs/kbn_shared_ux_prompt_not_found.mdx +++ b/api_docs/kbn_shared_ux_prompt_not_found.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-shared-ux-prompt-not-found title: "@kbn/shared-ux-prompt-not-found" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/shared-ux-prompt-not-found plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/shared-ux-prompt-not-found'] --- import kbnSharedUxPromptNotFoundObj from './kbn_shared_ux_prompt_not_found.devdocs.json'; diff --git a/api_docs/kbn_shared_ux_router.mdx b/api_docs/kbn_shared_ux_router.mdx index 16808df4326fc..7f81a25577314 100644 --- a/api_docs/kbn_shared_ux_router.mdx +++ b/api_docs/kbn_shared_ux_router.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-shared-ux-router title: "@kbn/shared-ux-router" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/shared-ux-router plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/shared-ux-router'] --- import kbnSharedUxRouterObj from './kbn_shared_ux_router.devdocs.json'; diff --git a/api_docs/kbn_shared_ux_router_mocks.mdx b/api_docs/kbn_shared_ux_router_mocks.mdx index d12d26c6cf6fe..3df06efe880ef 100644 --- a/api_docs/kbn_shared_ux_router_mocks.mdx +++ b/api_docs/kbn_shared_ux_router_mocks.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-shared-ux-router-mocks title: "@kbn/shared-ux-router-mocks" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/shared-ux-router-mocks plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/shared-ux-router-mocks'] --- import kbnSharedUxRouterMocksObj from './kbn_shared_ux_router_mocks.devdocs.json'; diff --git a/api_docs/kbn_shared_ux_storybook_config.mdx b/api_docs/kbn_shared_ux_storybook_config.mdx index 7cbb31fb55451..0f1819b81ad26 100644 --- a/api_docs/kbn_shared_ux_storybook_config.mdx +++ b/api_docs/kbn_shared_ux_storybook_config.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-shared-ux-storybook-config title: "@kbn/shared-ux-storybook-config" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/shared-ux-storybook-config plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/shared-ux-storybook-config'] --- import kbnSharedUxStorybookConfigObj from './kbn_shared_ux_storybook_config.devdocs.json'; diff --git a/api_docs/kbn_shared_ux_storybook_mock.mdx b/api_docs/kbn_shared_ux_storybook_mock.mdx index 27f111fff1881..7cae455e6a1e0 100644 --- a/api_docs/kbn_shared_ux_storybook_mock.mdx +++ b/api_docs/kbn_shared_ux_storybook_mock.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-shared-ux-storybook-mock title: "@kbn/shared-ux-storybook-mock" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/shared-ux-storybook-mock plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/shared-ux-storybook-mock'] --- import kbnSharedUxStorybookMockObj from './kbn_shared_ux_storybook_mock.devdocs.json'; diff --git a/api_docs/kbn_shared_ux_tabbed_modal.mdx b/api_docs/kbn_shared_ux_tabbed_modal.mdx index 67b59c1a1ed9c..af59b63499e6d 100644 --- a/api_docs/kbn_shared_ux_tabbed_modal.mdx +++ b/api_docs/kbn_shared_ux_tabbed_modal.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-shared-ux-tabbed-modal title: "@kbn/shared-ux-tabbed-modal" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/shared-ux-tabbed-modal plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/shared-ux-tabbed-modal'] --- import kbnSharedUxTabbedModalObj from './kbn_shared_ux_tabbed_modal.devdocs.json'; diff --git a/api_docs/kbn_shared_ux_table_persist.mdx b/api_docs/kbn_shared_ux_table_persist.mdx index 87dc1ffeb45fb..10d777179400b 100644 --- a/api_docs/kbn_shared_ux_table_persist.mdx +++ b/api_docs/kbn_shared_ux_table_persist.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-shared-ux-table-persist title: "@kbn/shared-ux-table-persist" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/shared-ux-table-persist plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/shared-ux-table-persist'] --- import kbnSharedUxTablePersistObj from './kbn_shared_ux_table_persist.devdocs.json'; diff --git a/api_docs/kbn_shared_ux_utility.mdx b/api_docs/kbn_shared_ux_utility.mdx index ce260b5f2c5ee..848c4c296e70b 100644 --- a/api_docs/kbn_shared_ux_utility.mdx +++ b/api_docs/kbn_shared_ux_utility.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-shared-ux-utility title: "@kbn/shared-ux-utility" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/shared-ux-utility plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/shared-ux-utility'] --- import kbnSharedUxUtilityObj from './kbn_shared_ux_utility.devdocs.json'; diff --git a/api_docs/kbn_slo_schema.devdocs.json b/api_docs/kbn_slo_schema.devdocs.json index dad426dd249e5..d83e3fa5fc3d5 100644 --- a/api_docs/kbn_slo_schema.devdocs.json +++ b/api_docs/kbn_slo_schema.devdocs.json @@ -918,7 +918,7 @@ "section": "def-common.Duration", "text": "Duration" }, - " | undefined; }) | undefined; instanceId?: string | undefined; groupBy?: string | undefined; remoteName?: string | undefined; groupings?: { [x: string]: unknown; } | undefined; }" + " | undefined; }) | undefined; instanceId?: string | undefined; groupBy?: string | string[] | undefined; remoteName?: string | undefined; groupings?: { [x: string]: unknown; } | undefined; }" ], "path": "x-pack/packages/kbn-slo-schema/src/rest_specs/routes/get_preview_data.ts", "deprecated": false, @@ -8315,8 +8315,20 @@ ", string, unknown>; }>]>; instanceId: ", "StringC", "; groupBy: ", + "UnionC", + "<[", + "LiteralC", + "<\"*\">, ", + "StringC", + ", ", + "ArrayC", + "<", + "UnionC", + "<[", + "LiteralC", + "<\"*\">, ", "StringC", - "; remoteName: ", + "]>>]>; remoteName: ", "StringC", "; groupings: ", "RecordC", @@ -8477,12 +8489,18 @@ "<{ groupBy: ", "UnionC", "<[", + "LiteralC", + "<\"*\">, ", "StringC", ", ", "ArrayC", "<", + "UnionC", + "<[", + "LiteralC", + "<\"*\">, ", "StringC", - ">]>; instances: ", + "]>>]>; instances: ", "ArrayC", "<", "StringC", diff --git a/api_docs/kbn_slo_schema.mdx b/api_docs/kbn_slo_schema.mdx index c88e51f2f04f3..a234e4cbe481e 100644 --- a/api_docs/kbn_slo_schema.mdx +++ b/api_docs/kbn_slo_schema.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-slo-schema title: "@kbn/slo-schema" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/slo-schema plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/slo-schema'] --- import kbnSloSchemaObj from './kbn_slo_schema.devdocs.json'; diff --git a/api_docs/kbn_some_dev_log.mdx b/api_docs/kbn_some_dev_log.mdx index 84d4f37d45f26..fc34df579d514 100644 --- a/api_docs/kbn_some_dev_log.mdx +++ b/api_docs/kbn_some_dev_log.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-some-dev-log title: "@kbn/some-dev-log" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/some-dev-log plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/some-dev-log'] --- import kbnSomeDevLogObj from './kbn_some_dev_log.devdocs.json'; diff --git a/api_docs/kbn_sort_predicates.mdx b/api_docs/kbn_sort_predicates.mdx index 17c7b88b00c29..38c3c1117245e 100644 --- a/api_docs/kbn_sort_predicates.mdx +++ b/api_docs/kbn_sort_predicates.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-sort-predicates title: "@kbn/sort-predicates" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/sort-predicates plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/sort-predicates'] --- import kbnSortPredicatesObj from './kbn_sort_predicates.devdocs.json'; diff --git a/api_docs/kbn_sse_utils.mdx b/api_docs/kbn_sse_utils.mdx index 0d8e5a387a518..0568e570fc1c5 100644 --- a/api_docs/kbn_sse_utils.mdx +++ b/api_docs/kbn_sse_utils.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-sse-utils title: "@kbn/sse-utils" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/sse-utils plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/sse-utils'] --- import kbnSseUtilsObj from './kbn_sse_utils.devdocs.json'; diff --git a/api_docs/kbn_sse_utils_client.mdx b/api_docs/kbn_sse_utils_client.mdx index a1659192b7415..40647dd4610de 100644 --- a/api_docs/kbn_sse_utils_client.mdx +++ b/api_docs/kbn_sse_utils_client.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-sse-utils-client title: "@kbn/sse-utils-client" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/sse-utils-client plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/sse-utils-client'] --- import kbnSseUtilsClientObj from './kbn_sse_utils_client.devdocs.json'; diff --git a/api_docs/kbn_sse_utils_server.mdx b/api_docs/kbn_sse_utils_server.mdx index 2dd435f02a2f7..668403a8ff8d1 100644 --- a/api_docs/kbn_sse_utils_server.mdx +++ b/api_docs/kbn_sse_utils_server.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-sse-utils-server title: "@kbn/sse-utils-server" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/sse-utils-server plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/sse-utils-server'] --- import kbnSseUtilsServerObj from './kbn_sse_utils_server.devdocs.json'; diff --git a/api_docs/kbn_std.devdocs.json b/api_docs/kbn_std.devdocs.json index 7dda5e8072d18..52ab3ce364996 100644 --- a/api_docs/kbn_std.devdocs.json +++ b/api_docs/kbn_std.devdocs.json @@ -1686,56 +1686,6 @@ "returnComment": [], "initialIsOpen": false }, - { - "parentPluginId": "@kbn/std", - "id": "def-common.unset", - "type": "Function", - "tags": [], - "label": "unset", - "description": [ - "\nUnset a (potentially nested) key from given object.\nThis mutates the original object.\n" - ], - "signature": [ - "(obj: OBJ, atPath: string) => void" - ], - "path": "packages/kbn-std/src/unset.ts", - "deprecated": false, - "trackAdoption": false, - "children": [ - { - "parentPluginId": "@kbn/std", - "id": "def-common.unset.$1", - "type": "Uncategorized", - "tags": [], - "label": "obj", - "description": [], - "signature": [ - "OBJ" - ], - "path": "packages/kbn-std/src/unset.ts", - "deprecated": false, - "trackAdoption": false, - "isRequired": true - }, - { - "parentPluginId": "@kbn/std", - "id": "def-common.unset.$2", - "type": "string", - "tags": [], - "label": "atPath", - "description": [], - "signature": [ - "string" - ], - "path": "packages/kbn-std/src/unset.ts", - "deprecated": false, - "trackAdoption": false, - "isRequired": true - } - ], - "returnComment": [], - "initialIsOpen": false - }, { "parentPluginId": "@kbn/std", "id": "def-common.withTimeout", diff --git a/api_docs/kbn_std.mdx b/api_docs/kbn_std.mdx index b928fa9db82d9..e5efc79a74b52 100644 --- a/api_docs/kbn_std.mdx +++ b/api_docs/kbn_std.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-std title: "@kbn/std" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/std plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/std'] --- import kbnStdObj from './kbn_std.devdocs.json'; @@ -21,7 +21,7 @@ Contact [@elastic/kibana-core](https://github.com/orgs/elastic/teams/kibana-core | Public API count | Any count | Items lacking comments | Missing exports | |-------------------|-----------|------------------------|-----------------| -| 111 | 2 | 72 | 1 | +| 108 | 2 | 70 | 1 | ## Common diff --git a/api_docs/kbn_stdio_dev_helpers.mdx b/api_docs/kbn_stdio_dev_helpers.mdx index 84f1fb9bfc311..9404f3632c20a 100644 --- a/api_docs/kbn_stdio_dev_helpers.mdx +++ b/api_docs/kbn_stdio_dev_helpers.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-stdio-dev-helpers title: "@kbn/stdio-dev-helpers" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/stdio-dev-helpers plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/stdio-dev-helpers'] --- import kbnStdioDevHelpersObj from './kbn_stdio_dev_helpers.devdocs.json'; diff --git a/api_docs/kbn_storybook.mdx b/api_docs/kbn_storybook.mdx index 5453e3403f17e..9e268bfbb941e 100644 --- a/api_docs/kbn_storybook.mdx +++ b/api_docs/kbn_storybook.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-storybook title: "@kbn/storybook" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/storybook plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/storybook'] --- import kbnStorybookObj from './kbn_storybook.devdocs.json'; diff --git a/api_docs/kbn_synthetics_e2e.mdx b/api_docs/kbn_synthetics_e2e.mdx index 801fbdc55033d..d78169ef551f5 100644 --- a/api_docs/kbn_synthetics_e2e.mdx +++ b/api_docs/kbn_synthetics_e2e.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-synthetics-e2e title: "@kbn/synthetics-e2e" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/synthetics-e2e plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/synthetics-e2e'] --- import kbnSyntheticsE2eObj from './kbn_synthetics_e2e.devdocs.json'; diff --git a/api_docs/kbn_synthetics_private_location.mdx b/api_docs/kbn_synthetics_private_location.mdx index 52a083a6a376b..7fcda51c5d677 100644 --- a/api_docs/kbn_synthetics_private_location.mdx +++ b/api_docs/kbn_synthetics_private_location.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-synthetics-private-location title: "@kbn/synthetics-private-location" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/synthetics-private-location plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/synthetics-private-location'] --- import kbnSyntheticsPrivateLocationObj from './kbn_synthetics_private_location.devdocs.json'; diff --git a/api_docs/kbn_telemetry_tools.mdx b/api_docs/kbn_telemetry_tools.mdx index 95df013dd9e11..dd053904dfae6 100644 --- a/api_docs/kbn_telemetry_tools.mdx +++ b/api_docs/kbn_telemetry_tools.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-telemetry-tools title: "@kbn/telemetry-tools" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/telemetry-tools plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/telemetry-tools'] --- import kbnTelemetryToolsObj from './kbn_telemetry_tools.devdocs.json'; diff --git a/api_docs/kbn_test.mdx b/api_docs/kbn_test.mdx index c66cddc5344ef..523844ac6b3db 100644 --- a/api_docs/kbn_test.mdx +++ b/api_docs/kbn_test.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-test title: "@kbn/test" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/test plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/test'] --- import kbnTestObj from './kbn_test.devdocs.json'; diff --git a/api_docs/kbn_test_eui_helpers.mdx b/api_docs/kbn_test_eui_helpers.mdx index 33d97c97444b9..62146c2d53d3f 100644 --- a/api_docs/kbn_test_eui_helpers.mdx +++ b/api_docs/kbn_test_eui_helpers.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-test-eui-helpers title: "@kbn/test-eui-helpers" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/test-eui-helpers plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/test-eui-helpers'] --- import kbnTestEuiHelpersObj from './kbn_test_eui_helpers.devdocs.json'; diff --git a/api_docs/kbn_test_jest_helpers.mdx b/api_docs/kbn_test_jest_helpers.mdx index c586c3e35b760..caff33e1682d3 100644 --- a/api_docs/kbn_test_jest_helpers.mdx +++ b/api_docs/kbn_test_jest_helpers.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-test-jest-helpers title: "@kbn/test-jest-helpers" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/test-jest-helpers plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/test-jest-helpers'] --- import kbnTestJestHelpersObj from './kbn_test_jest_helpers.devdocs.json'; diff --git a/api_docs/kbn_test_subj_selector.mdx b/api_docs/kbn_test_subj_selector.mdx index 219f226c4f981..5f459edbdc56f 100644 --- a/api_docs/kbn_test_subj_selector.mdx +++ b/api_docs/kbn_test_subj_selector.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-test-subj-selector title: "@kbn/test-subj-selector" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/test-subj-selector plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/test-subj-selector'] --- import kbnTestSubjSelectorObj from './kbn_test_subj_selector.devdocs.json'; diff --git a/api_docs/kbn_text_based_editor.devdocs.json b/api_docs/kbn_text_based_editor.devdocs.json index 70a51ba17fe67..514d684d04469 100644 --- a/api_docs/kbn_text_based_editor.devdocs.json +++ b/api_docs/kbn_text_based_editor.devdocs.json @@ -564,6 +564,22 @@ "path": "packages/kbn-text-based-editor/src/types.ts", "deprecated": false, "trackAdoption": false + }, + { + "parentPluginId": "@kbn/text-based-editor", + "id": "def-public.TextBasedLanguagesEditorProps.displayDocumentationAsFlyout", + "type": "CompoundType", + "tags": [], + "label": "displayDocumentationAsFlyout", + "description": [ + "adds a documentation icon in the footer which opens the inline docs as a flyout" + ], + "signature": [ + "boolean | undefined" + ], + "path": "packages/kbn-text-based-editor/src/types.ts", + "deprecated": false, + "trackAdoption": false } ], "initialIsOpen": false diff --git a/api_docs/kbn_text_based_editor.mdx b/api_docs/kbn_text_based_editor.mdx index 25aab2a1c3f9a..57ed8c0e92b68 100644 --- a/api_docs/kbn_text_based_editor.mdx +++ b/api_docs/kbn_text_based_editor.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-text-based-editor title: "@kbn/text-based-editor" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/text-based-editor plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/text-based-editor'] --- import kbnTextBasedEditorObj from './kbn_text_based_editor.devdocs.json'; @@ -21,7 +21,7 @@ Contact [@elastic/kibana-esql](https://github.com/orgs/elastic/teams/kibana-esql | Public API count | Any count | Items lacking comments | Missing exports | |-------------------|-----------|------------------------|-----------------| -| 28 | 0 | 12 | 0 | +| 29 | 0 | 12 | 0 | ## Client diff --git a/api_docs/kbn_timerange.mdx b/api_docs/kbn_timerange.mdx index cf943f158fd20..6699d6636baf4 100644 --- a/api_docs/kbn_timerange.mdx +++ b/api_docs/kbn_timerange.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-timerange title: "@kbn/timerange" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/timerange plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/timerange'] --- import kbnTimerangeObj from './kbn_timerange.devdocs.json'; diff --git a/api_docs/kbn_tooling_log.mdx b/api_docs/kbn_tooling_log.mdx index ffa4fbdd7b720..073e449b295de 100644 --- a/api_docs/kbn_tooling_log.mdx +++ b/api_docs/kbn_tooling_log.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-tooling-log title: "@kbn/tooling-log" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/tooling-log plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/tooling-log'] --- import kbnToolingLogObj from './kbn_tooling_log.devdocs.json'; diff --git a/api_docs/kbn_triggers_actions_ui_types.mdx b/api_docs/kbn_triggers_actions_ui_types.mdx index ad2bc69c0a2bb..5849a9efd2b90 100644 --- a/api_docs/kbn_triggers_actions_ui_types.mdx +++ b/api_docs/kbn_triggers_actions_ui_types.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-triggers-actions-ui-types title: "@kbn/triggers-actions-ui-types" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/triggers-actions-ui-types plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/triggers-actions-ui-types'] --- import kbnTriggersActionsUiTypesObj from './kbn_triggers_actions_ui_types.devdocs.json'; diff --git a/api_docs/kbn_try_in_console.mdx b/api_docs/kbn_try_in_console.mdx index 4d29baf0e531e..69bcf41fd473f 100644 --- a/api_docs/kbn_try_in_console.mdx +++ b/api_docs/kbn_try_in_console.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-try-in-console title: "@kbn/try-in-console" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/try-in-console plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/try-in-console'] --- import kbnTryInConsoleObj from './kbn_try_in_console.devdocs.json'; diff --git a/api_docs/kbn_ts_projects.mdx b/api_docs/kbn_ts_projects.mdx index a08084a49411d..6a054f4a256ea 100644 --- a/api_docs/kbn_ts_projects.mdx +++ b/api_docs/kbn_ts_projects.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-ts-projects title: "@kbn/ts-projects" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/ts-projects plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/ts-projects'] --- import kbnTsProjectsObj from './kbn_ts_projects.devdocs.json'; diff --git a/api_docs/kbn_typed_react_router_config.mdx b/api_docs/kbn_typed_react_router_config.mdx index 5ad824398a1fc..1ac4cba85ef1c 100644 --- a/api_docs/kbn_typed_react_router_config.mdx +++ b/api_docs/kbn_typed_react_router_config.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-typed-react-router-config title: "@kbn/typed-react-router-config" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/typed-react-router-config plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/typed-react-router-config'] --- import kbnTypedReactRouterConfigObj from './kbn_typed_react_router_config.devdocs.json'; diff --git a/api_docs/kbn_ui_actions_browser.mdx b/api_docs/kbn_ui_actions_browser.mdx index 59589984956da..43a43ac88b405 100644 --- a/api_docs/kbn_ui_actions_browser.mdx +++ b/api_docs/kbn_ui_actions_browser.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-ui-actions-browser title: "@kbn/ui-actions-browser" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/ui-actions-browser plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/ui-actions-browser'] --- import kbnUiActionsBrowserObj from './kbn_ui_actions_browser.devdocs.json'; diff --git a/api_docs/kbn_ui_shared_deps_src.mdx b/api_docs/kbn_ui_shared_deps_src.mdx index 728d30672c29b..7f7ec69fed93c 100644 --- a/api_docs/kbn_ui_shared_deps_src.mdx +++ b/api_docs/kbn_ui_shared_deps_src.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-ui-shared-deps-src title: "@kbn/ui-shared-deps-src" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/ui-shared-deps-src plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/ui-shared-deps-src'] --- import kbnUiSharedDepsSrcObj from './kbn_ui_shared_deps_src.devdocs.json'; diff --git a/api_docs/kbn_ui_theme.mdx b/api_docs/kbn_ui_theme.mdx index 52ff58aed0223..23194ca7186a8 100644 --- a/api_docs/kbn_ui_theme.mdx +++ b/api_docs/kbn_ui_theme.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-ui-theme title: "@kbn/ui-theme" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/ui-theme plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/ui-theme'] --- import kbnUiThemeObj from './kbn_ui_theme.devdocs.json'; diff --git a/api_docs/kbn_unified_data_table.mdx b/api_docs/kbn_unified_data_table.mdx index 13bfdf4cc2f60..d2d8042d94608 100644 --- a/api_docs/kbn_unified_data_table.mdx +++ b/api_docs/kbn_unified_data_table.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-unified-data-table title: "@kbn/unified-data-table" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/unified-data-table plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/unified-data-table'] --- import kbnUnifiedDataTableObj from './kbn_unified_data_table.devdocs.json'; diff --git a/api_docs/kbn_unified_doc_viewer.mdx b/api_docs/kbn_unified_doc_viewer.mdx index 3f18343c30ddd..c767f5609cd6e 100644 --- a/api_docs/kbn_unified_doc_viewer.mdx +++ b/api_docs/kbn_unified_doc_viewer.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-unified-doc-viewer title: "@kbn/unified-doc-viewer" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/unified-doc-viewer plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/unified-doc-viewer'] --- import kbnUnifiedDocViewerObj from './kbn_unified_doc_viewer.devdocs.json'; diff --git a/api_docs/kbn_unified_field_list.mdx b/api_docs/kbn_unified_field_list.mdx index 0478402b03845..15511689dce59 100644 --- a/api_docs/kbn_unified_field_list.mdx +++ b/api_docs/kbn_unified_field_list.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-unified-field-list title: "@kbn/unified-field-list" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/unified-field-list plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/unified-field-list'] --- import kbnUnifiedFieldListObj from './kbn_unified_field_list.devdocs.json'; diff --git a/api_docs/kbn_unsaved_changes_badge.mdx b/api_docs/kbn_unsaved_changes_badge.mdx index 0d82326a631b2..cc98e7bcf8abd 100644 --- a/api_docs/kbn_unsaved_changes_badge.mdx +++ b/api_docs/kbn_unsaved_changes_badge.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-unsaved-changes-badge title: "@kbn/unsaved-changes-badge" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/unsaved-changes-badge plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/unsaved-changes-badge'] --- import kbnUnsavedChangesBadgeObj from './kbn_unsaved_changes_badge.devdocs.json'; diff --git a/api_docs/kbn_unsaved_changes_prompt.mdx b/api_docs/kbn_unsaved_changes_prompt.mdx index 26b26ae3e9d9b..58f68d5fe539a 100644 --- a/api_docs/kbn_unsaved_changes_prompt.mdx +++ b/api_docs/kbn_unsaved_changes_prompt.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-unsaved-changes-prompt title: "@kbn/unsaved-changes-prompt" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/unsaved-changes-prompt plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/unsaved-changes-prompt'] --- import kbnUnsavedChangesPromptObj from './kbn_unsaved_changes_prompt.devdocs.json'; diff --git a/api_docs/kbn_use_tracked_promise.mdx b/api_docs/kbn_use_tracked_promise.mdx index e3074c1af1bc7..0accc62d598bd 100644 --- a/api_docs/kbn_use_tracked_promise.mdx +++ b/api_docs/kbn_use_tracked_promise.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-use-tracked-promise title: "@kbn/use-tracked-promise" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/use-tracked-promise plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/use-tracked-promise'] --- import kbnUseTrackedPromiseObj from './kbn_use_tracked_promise.devdocs.json'; diff --git a/api_docs/kbn_user_profile_components.mdx b/api_docs/kbn_user_profile_components.mdx index b012ed26e5c91..c9074c9340112 100644 --- a/api_docs/kbn_user_profile_components.mdx +++ b/api_docs/kbn_user_profile_components.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-user-profile-components title: "@kbn/user-profile-components" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/user-profile-components plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/user-profile-components'] --- import kbnUserProfileComponentsObj from './kbn_user_profile_components.devdocs.json'; diff --git a/api_docs/kbn_utility_types.mdx b/api_docs/kbn_utility_types.mdx index 3a7328118bafc..18de608035626 100644 --- a/api_docs/kbn_utility_types.mdx +++ b/api_docs/kbn_utility_types.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-utility-types title: "@kbn/utility-types" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/utility-types plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/utility-types'] --- import kbnUtilityTypesObj from './kbn_utility_types.devdocs.json'; diff --git a/api_docs/kbn_utility_types_jest.mdx b/api_docs/kbn_utility_types_jest.mdx index a602af088fa1c..ea4d16e397320 100644 --- a/api_docs/kbn_utility_types_jest.mdx +++ b/api_docs/kbn_utility_types_jest.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-utility-types-jest title: "@kbn/utility-types-jest" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/utility-types-jest plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/utility-types-jest'] --- import kbnUtilityTypesJestObj from './kbn_utility_types_jest.devdocs.json'; diff --git a/api_docs/kbn_utils.mdx b/api_docs/kbn_utils.mdx index f8f5c57263d6c..d85908c75994d 100644 --- a/api_docs/kbn_utils.mdx +++ b/api_docs/kbn_utils.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-utils title: "@kbn/utils" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/utils plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/utils'] --- import kbnUtilsObj from './kbn_utils.devdocs.json'; diff --git a/api_docs/kbn_visualization_ui_components.mdx b/api_docs/kbn_visualization_ui_components.mdx index bfff8db3d4d8b..60e4fa629510e 100644 --- a/api_docs/kbn_visualization_ui_components.mdx +++ b/api_docs/kbn_visualization_ui_components.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-visualization-ui-components title: "@kbn/visualization-ui-components" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/visualization-ui-components plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/visualization-ui-components'] --- import kbnVisualizationUiComponentsObj from './kbn_visualization_ui_components.devdocs.json'; diff --git a/api_docs/kbn_visualization_utils.mdx b/api_docs/kbn_visualization_utils.mdx index 9877d754d624a..71d386525023e 100644 --- a/api_docs/kbn_visualization_utils.mdx +++ b/api_docs/kbn_visualization_utils.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-visualization-utils title: "@kbn/visualization-utils" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/visualization-utils plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/visualization-utils'] --- import kbnVisualizationUtilsObj from './kbn_visualization_utils.devdocs.json'; diff --git a/api_docs/kbn_xstate_utils.mdx b/api_docs/kbn_xstate_utils.mdx index ea85cfeabb8fb..b3cf6d985e582 100644 --- a/api_docs/kbn_xstate_utils.mdx +++ b/api_docs/kbn_xstate_utils.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-xstate-utils title: "@kbn/xstate-utils" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/xstate-utils plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/xstate-utils'] --- import kbnXstateUtilsObj from './kbn_xstate_utils.devdocs.json'; diff --git a/api_docs/kbn_yarn_lock_validator.mdx b/api_docs/kbn_yarn_lock_validator.mdx index 80a7064e20161..07d23c127a61d 100644 --- a/api_docs/kbn_yarn_lock_validator.mdx +++ b/api_docs/kbn_yarn_lock_validator.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-yarn-lock-validator title: "@kbn/yarn-lock-validator" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/yarn-lock-validator plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/yarn-lock-validator'] --- import kbnYarnLockValidatorObj from './kbn_yarn_lock_validator.devdocs.json'; diff --git a/api_docs/kbn_zod.mdx b/api_docs/kbn_zod.mdx index 0e946f38fd650..a77c60d4644f3 100644 --- a/api_docs/kbn_zod.mdx +++ b/api_docs/kbn_zod.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-zod title: "@kbn/zod" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/zod plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/zod'] --- import kbnZodObj from './kbn_zod.devdocs.json'; diff --git a/api_docs/kbn_zod_helpers.mdx b/api_docs/kbn_zod_helpers.mdx index 1e1ab9cf94995..c76a867b5ee30 100644 --- a/api_docs/kbn_zod_helpers.mdx +++ b/api_docs/kbn_zod_helpers.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-zod-helpers title: "@kbn/zod-helpers" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/zod-helpers plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/zod-helpers'] --- import kbnZodHelpersObj from './kbn_zod_helpers.devdocs.json'; diff --git a/api_docs/kibana_overview.mdx b/api_docs/kibana_overview.mdx index 9cb8dd2e7031f..17f937cf9f3e2 100644 --- a/api_docs/kibana_overview.mdx +++ b/api_docs/kibana_overview.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kibanaOverview title: "kibanaOverview" image: https://source.unsplash.com/400x175/?github description: API docs for the kibanaOverview plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'kibanaOverview'] --- import kibanaOverviewObj from './kibana_overview.devdocs.json'; diff --git a/api_docs/kibana_react.mdx b/api_docs/kibana_react.mdx index 58f13f075de76..437428377c8b5 100644 --- a/api_docs/kibana_react.mdx +++ b/api_docs/kibana_react.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kibanaReact title: "kibanaReact" image: https://source.unsplash.com/400x175/?github description: API docs for the kibanaReact plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'kibanaReact'] --- import kibanaReactObj from './kibana_react.devdocs.json'; diff --git a/api_docs/kibana_utils.mdx b/api_docs/kibana_utils.mdx index 81d8f6ddd4648..f3e1d6c1412da 100644 --- a/api_docs/kibana_utils.mdx +++ b/api_docs/kibana_utils.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kibanaUtils title: "kibanaUtils" image: https://source.unsplash.com/400x175/?github description: API docs for the kibanaUtils plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'kibanaUtils'] --- import kibanaUtilsObj from './kibana_utils.devdocs.json'; diff --git a/api_docs/kubernetes_security.mdx b/api_docs/kubernetes_security.mdx index 0829a0ac795d5..c458665807d59 100644 --- a/api_docs/kubernetes_security.mdx +++ b/api_docs/kubernetes_security.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kubernetesSecurity title: "kubernetesSecurity" image: https://source.unsplash.com/400x175/?github description: API docs for the kubernetesSecurity plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'kubernetesSecurity'] --- import kubernetesSecurityObj from './kubernetes_security.devdocs.json'; diff --git a/api_docs/lens.mdx b/api_docs/lens.mdx index c710047ba6b6e..8fba5488d8c70 100644 --- a/api_docs/lens.mdx +++ b/api_docs/lens.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/lens title: "lens" image: https://source.unsplash.com/400x175/?github description: API docs for the lens plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'lens'] --- import lensObj from './lens.devdocs.json'; diff --git a/api_docs/license_api_guard.mdx b/api_docs/license_api_guard.mdx index 76332e67cef29..be600342673f0 100644 --- a/api_docs/license_api_guard.mdx +++ b/api_docs/license_api_guard.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/licenseApiGuard title: "licenseApiGuard" image: https://source.unsplash.com/400x175/?github description: API docs for the licenseApiGuard plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'licenseApiGuard'] --- import licenseApiGuardObj from './license_api_guard.devdocs.json'; diff --git a/api_docs/license_management.mdx b/api_docs/license_management.mdx index eee1100c17031..62f4e10570268 100644 --- a/api_docs/license_management.mdx +++ b/api_docs/license_management.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/licenseManagement title: "licenseManagement" image: https://source.unsplash.com/400x175/?github description: API docs for the licenseManagement plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'licenseManagement'] --- import licenseManagementObj from './license_management.devdocs.json'; diff --git a/api_docs/licensing.mdx b/api_docs/licensing.mdx index 298e6be6ca152..730f2b64ea891 100644 --- a/api_docs/licensing.mdx +++ b/api_docs/licensing.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/licensing title: "licensing" image: https://source.unsplash.com/400x175/?github description: API docs for the licensing plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'licensing'] --- import licensingObj from './licensing.devdocs.json'; diff --git a/api_docs/links.mdx b/api_docs/links.mdx index d220eae67492d..b1c144fb68c21 100644 --- a/api_docs/links.mdx +++ b/api_docs/links.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/links title: "links" image: https://source.unsplash.com/400x175/?github description: API docs for the links plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'links'] --- import linksObj from './links.devdocs.json'; diff --git a/api_docs/lists.mdx b/api_docs/lists.mdx index dc2318e4f9c8e..29908ca7177d6 100644 --- a/api_docs/lists.mdx +++ b/api_docs/lists.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/lists title: "lists" image: https://source.unsplash.com/400x175/?github description: API docs for the lists plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'lists'] --- import listsObj from './lists.devdocs.json'; diff --git a/api_docs/logs_data_access.mdx b/api_docs/logs_data_access.mdx index 7d1c393c9717b..005b3e40d53f5 100644 --- a/api_docs/logs_data_access.mdx +++ b/api_docs/logs_data_access.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/logsDataAccess title: "logsDataAccess" image: https://source.unsplash.com/400x175/?github description: API docs for the logsDataAccess plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'logsDataAccess'] --- import logsDataAccessObj from './logs_data_access.devdocs.json'; diff --git a/api_docs/logs_explorer.mdx b/api_docs/logs_explorer.mdx index 67ac3b6ca4f02..8b3b74dd89d24 100644 --- a/api_docs/logs_explorer.mdx +++ b/api_docs/logs_explorer.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/logsExplorer title: "logsExplorer" image: https://source.unsplash.com/400x175/?github description: API docs for the logsExplorer plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'logsExplorer'] --- import logsExplorerObj from './logs_explorer.devdocs.json'; diff --git a/api_docs/logs_shared.mdx b/api_docs/logs_shared.mdx index 22f844d28cfb5..395b4c14ec7da 100644 --- a/api_docs/logs_shared.mdx +++ b/api_docs/logs_shared.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/logsShared title: "logsShared" image: https://source.unsplash.com/400x175/?github description: API docs for the logsShared plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'logsShared'] --- import logsSharedObj from './logs_shared.devdocs.json'; diff --git a/api_docs/management.mdx b/api_docs/management.mdx index 9b6df22e1c3ef..97df0a3060425 100644 --- a/api_docs/management.mdx +++ b/api_docs/management.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/management title: "management" image: https://source.unsplash.com/400x175/?github description: API docs for the management plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'management'] --- import managementObj from './management.devdocs.json'; diff --git a/api_docs/maps.mdx b/api_docs/maps.mdx index 80c0baf510a60..d40e59fac52b3 100644 --- a/api_docs/maps.mdx +++ b/api_docs/maps.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/maps title: "maps" image: https://source.unsplash.com/400x175/?github description: API docs for the maps plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'maps'] --- import mapsObj from './maps.devdocs.json'; diff --git a/api_docs/maps_ems.mdx b/api_docs/maps_ems.mdx index 6a39921ec4b24..0a4468b6d80ac 100644 --- a/api_docs/maps_ems.mdx +++ b/api_docs/maps_ems.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/mapsEms title: "mapsEms" image: https://source.unsplash.com/400x175/?github description: API docs for the mapsEms plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'mapsEms'] --- import mapsEmsObj from './maps_ems.devdocs.json'; diff --git a/api_docs/metrics_data_access.mdx b/api_docs/metrics_data_access.mdx index 0a4ac38f88dbc..e9645d3a5ecb9 100644 --- a/api_docs/metrics_data_access.mdx +++ b/api_docs/metrics_data_access.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/metricsDataAccess title: "metricsDataAccess" image: https://source.unsplash.com/400x175/?github description: API docs for the metricsDataAccess plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'metricsDataAccess'] --- import metricsDataAccessObj from './metrics_data_access.devdocs.json'; diff --git a/api_docs/ml.mdx b/api_docs/ml.mdx index 1dab75c111c56..2f72e76e742ba 100644 --- a/api_docs/ml.mdx +++ b/api_docs/ml.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/ml title: "ml" image: https://source.unsplash.com/400x175/?github description: API docs for the ml plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'ml'] --- import mlObj from './ml.devdocs.json'; diff --git a/api_docs/mock_idp_plugin.mdx b/api_docs/mock_idp_plugin.mdx index 2911dee7b1c6d..c8b06dc79ee7e 100644 --- a/api_docs/mock_idp_plugin.mdx +++ b/api_docs/mock_idp_plugin.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/mockIdpPlugin title: "mockIdpPlugin" image: https://source.unsplash.com/400x175/?github description: API docs for the mockIdpPlugin plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'mockIdpPlugin'] --- import mockIdpPluginObj from './mock_idp_plugin.devdocs.json'; diff --git a/api_docs/monitoring.mdx b/api_docs/monitoring.mdx index a3f8188c30996..52498e3021eb4 100644 --- a/api_docs/monitoring.mdx +++ b/api_docs/monitoring.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/monitoring title: "monitoring" image: https://source.unsplash.com/400x175/?github description: API docs for the monitoring plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'monitoring'] --- import monitoringObj from './monitoring.devdocs.json'; diff --git a/api_docs/monitoring_collection.mdx b/api_docs/monitoring_collection.mdx index 1ee8bf8379e10..b452d7a4f165c 100644 --- a/api_docs/monitoring_collection.mdx +++ b/api_docs/monitoring_collection.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/monitoringCollection title: "monitoringCollection" image: https://source.unsplash.com/400x175/?github description: API docs for the monitoringCollection plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'monitoringCollection'] --- import monitoringCollectionObj from './monitoring_collection.devdocs.json'; diff --git a/api_docs/navigation.mdx b/api_docs/navigation.mdx index 9dcd98217c0d0..dbd826c7ebb41 100644 --- a/api_docs/navigation.mdx +++ b/api_docs/navigation.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/navigation title: "navigation" image: https://source.unsplash.com/400x175/?github description: API docs for the navigation plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'navigation'] --- import navigationObj from './navigation.devdocs.json'; diff --git a/api_docs/newsfeed.mdx b/api_docs/newsfeed.mdx index 4e812756c97bf..9473bb748ee3d 100644 --- a/api_docs/newsfeed.mdx +++ b/api_docs/newsfeed.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/newsfeed title: "newsfeed" image: https://source.unsplash.com/400x175/?github description: API docs for the newsfeed plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'newsfeed'] --- import newsfeedObj from './newsfeed.devdocs.json'; diff --git a/api_docs/no_data_page.mdx b/api_docs/no_data_page.mdx index 1aeeca81cbaa6..fedbed7c1793e 100644 --- a/api_docs/no_data_page.mdx +++ b/api_docs/no_data_page.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/noDataPage title: "noDataPage" image: https://source.unsplash.com/400x175/?github description: API docs for the noDataPage plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'noDataPage'] --- import noDataPageObj from './no_data_page.devdocs.json'; diff --git a/api_docs/notifications.mdx b/api_docs/notifications.mdx index f3ff1211a9c4a..400ea784baa30 100644 --- a/api_docs/notifications.mdx +++ b/api_docs/notifications.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/notifications title: "notifications" image: https://source.unsplash.com/400x175/?github description: API docs for the notifications plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'notifications'] --- import notificationsObj from './notifications.devdocs.json'; diff --git a/api_docs/observability.mdx b/api_docs/observability.mdx index 50fa55a3a656c..6ca920895ba28 100644 --- a/api_docs/observability.mdx +++ b/api_docs/observability.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/observability title: "observability" image: https://source.unsplash.com/400x175/?github description: API docs for the observability plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'observability'] --- import observabilityObj from './observability.devdocs.json'; diff --git a/api_docs/observability_a_i_assistant.mdx b/api_docs/observability_a_i_assistant.mdx index 1fcc33dfd65e3..f79e798207057 100644 --- a/api_docs/observability_a_i_assistant.mdx +++ b/api_docs/observability_a_i_assistant.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/observabilityAIAssistant title: "observabilityAIAssistant" image: https://source.unsplash.com/400x175/?github description: API docs for the observabilityAIAssistant plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'observabilityAIAssistant'] --- import observabilityAIAssistantObj from './observability_a_i_assistant.devdocs.json'; diff --git a/api_docs/observability_a_i_assistant_app.mdx b/api_docs/observability_a_i_assistant_app.mdx index 9a78da55b3900..16fc7cd5c797e 100644 --- a/api_docs/observability_a_i_assistant_app.mdx +++ b/api_docs/observability_a_i_assistant_app.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/observabilityAIAssistantApp title: "observabilityAIAssistantApp" image: https://source.unsplash.com/400x175/?github description: API docs for the observabilityAIAssistantApp plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'observabilityAIAssistantApp'] --- import observabilityAIAssistantAppObj from './observability_a_i_assistant_app.devdocs.json'; diff --git a/api_docs/observability_ai_assistant_management.mdx b/api_docs/observability_ai_assistant_management.mdx index 2c9d82f458998..954eddd6cdae7 100644 --- a/api_docs/observability_ai_assistant_management.mdx +++ b/api_docs/observability_ai_assistant_management.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/observabilityAiAssistantManagement title: "observabilityAiAssistantManagement" image: https://source.unsplash.com/400x175/?github description: API docs for the observabilityAiAssistantManagement plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'observabilityAiAssistantManagement'] --- import observabilityAiAssistantManagementObj from './observability_ai_assistant_management.devdocs.json'; diff --git a/api_docs/observability_logs_explorer.mdx b/api_docs/observability_logs_explorer.mdx index 75bb69a167fb4..c59c54939a458 100644 --- a/api_docs/observability_logs_explorer.mdx +++ b/api_docs/observability_logs_explorer.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/observabilityLogsExplorer title: "observabilityLogsExplorer" image: https://source.unsplash.com/400x175/?github description: API docs for the observabilityLogsExplorer plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'observabilityLogsExplorer'] --- import observabilityLogsExplorerObj from './observability_logs_explorer.devdocs.json'; diff --git a/api_docs/observability_onboarding.mdx b/api_docs/observability_onboarding.mdx index 5cb3b90bfcdd2..39caf81cfa8d3 100644 --- a/api_docs/observability_onboarding.mdx +++ b/api_docs/observability_onboarding.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/observabilityOnboarding title: "observabilityOnboarding" image: https://source.unsplash.com/400x175/?github description: API docs for the observabilityOnboarding plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'observabilityOnboarding'] --- import observabilityOnboardingObj from './observability_onboarding.devdocs.json'; diff --git a/api_docs/observability_shared.mdx b/api_docs/observability_shared.mdx index 3841f69b9dcdb..46b3b22e43bbe 100644 --- a/api_docs/observability_shared.mdx +++ b/api_docs/observability_shared.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/observabilityShared title: "observabilityShared" image: https://source.unsplash.com/400x175/?github description: API docs for the observabilityShared plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'observabilityShared'] --- import observabilitySharedObj from './observability_shared.devdocs.json'; diff --git a/api_docs/osquery.mdx b/api_docs/osquery.mdx index 44d60b6bb2e3c..793481f8788f1 100644 --- a/api_docs/osquery.mdx +++ b/api_docs/osquery.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/osquery title: "osquery" image: https://source.unsplash.com/400x175/?github description: API docs for the osquery plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'osquery'] --- import osqueryObj from './osquery.devdocs.json'; diff --git a/api_docs/painless_lab.mdx b/api_docs/painless_lab.mdx index 12a68cf4d47d1..754356556a777 100644 --- a/api_docs/painless_lab.mdx +++ b/api_docs/painless_lab.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/painlessLab title: "painlessLab" image: https://source.unsplash.com/400x175/?github description: API docs for the painlessLab plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'painlessLab'] --- import painlessLabObj from './painless_lab.devdocs.json'; diff --git a/api_docs/plugin_directory.mdx b/api_docs/plugin_directory.mdx index 8b7d0fee618e1..a26787722b3fe 100644 --- a/api_docs/plugin_directory.mdx +++ b/api_docs/plugin_directory.mdx @@ -7,7 +7,7 @@ id: kibDevDocsPluginDirectory slug: /kibana-dev-docs/api-meta/plugin-api-directory title: Directory description: Directory of public APIs available through plugins or packages. -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana'] --- @@ -15,13 +15,13 @@ tags: ['contributor', 'dev', 'apidocs', 'kibana'] | Count | Plugins or Packages with a
public API | Number of teams | |--------------|----------|------------------------| -| 860 | 733 | 45 | +| 861 | 734 | 45 | ### Public API health stats | API Count | Any Count | Missing comments | Missing exports | |--------------|----------|-----------------|--------| -| 53176 | 245 | 39877 | 1962 | +| 53179 | 245 | 39881 | 1963 | ## Plugin Directory @@ -39,7 +39,7 @@ tags: ['contributor', 'dev', 'apidocs', 'kibana'] | | [@elastic/kibana-presentation](https://github.com/orgs/elastic/teams/kibana-presentation) | Adds Canvas application to Kibana | 9 | 0 | 8 | 3 | | | [@elastic/response-ops](https://github.com/orgs/elastic/teams/response-ops) | The Case management system in Kibana | 115 | 0 | 95 | 28 | | | [@elastic/kibana-visualizations](https://github.com/orgs/elastic/teams/kibana-visualizations) | - | 268 | 2 | 253 | 10 | -| | [@elastic/kibana-core](https://github.com/orgs/elastic/teams/kibana-core) | - | 84 | 0 | 21 | 0 | +| | [@elastic/kibana-core](https://github.com/orgs/elastic/teams/kibana-core) | - | 84 | 0 | 21 | 1 | | cloudChat | [@elastic/kibana-core](https://github.com/orgs/elastic/teams/kibana-core) | Chat available on Elastic Cloud deployments for quicker assistance. | 0 | 0 | 0 | 0 | | | [@elastic/kibana-management](https://github.com/orgs/elastic/teams/kibana-management) | Static migration page where self-managed users can see text/copy about migrating to Elastic Cloud | 8 | 0 | 8 | 1 | | | [@elastic/kibana-cloud-security-posture](https://github.com/orgs/elastic/teams/kibana-cloud-security-posture) | Defend for containers (D4C) | 52 | 0 | 43 | 2 | @@ -49,7 +49,7 @@ tags: ['contributor', 'dev', 'apidocs', 'kibana'] | | [@elastic/kibana-cloud-security-posture](https://github.com/orgs/elastic/teams/kibana-cloud-security-posture) | The cloud security posture plugin | 13 | 0 | 2 | 2 | | | [@elastic/kibana-management](https://github.com/orgs/elastic/teams/kibana-management) | - | 39 | 0 | 30 | 0 | | | [@elastic/appex-sharedux](https://github.com/orgs/elastic/teams/appex-sharedux) | Content management app | 149 | 0 | 125 | 6 | -| | [@elastic/kibana-presentation](https://github.com/orgs/elastic/teams/kibana-presentation) | The Controls Plugin contains embeddable components intended to create a simple query interface for end users, and a powerful editing suite that allows dashboard authors to build controls | 138 | 0 | 134 | 14 | +| | [@elastic/kibana-presentation](https://github.com/orgs/elastic/teams/kibana-presentation) | The Controls Plugin contains embeddable components intended to create a simple query interface for end users, and a powerful editing suite that allows dashboard authors to build controls | 134 | 0 | 130 | 14 | | crossClusterReplication | [@elastic/kibana-management](https://github.com/orgs/elastic/teams/kibana-management) | - | 0 | 0 | 0 | 0 | | customBranding | [@elastic/appex-sharedux](https://github.com/orgs/elastic/teams/appex-sharedux) | Enables customization of Kibana | 0 | 0 | 0 | 0 | | | [@elastic/fleet](https://github.com/orgs/elastic/teams/fleet) | Add custom data integrations so they can be displayed in the Fleet integrations app | 271 | 0 | 252 | 1 | @@ -57,6 +57,7 @@ tags: ['contributor', 'dev', 'apidocs', 'kibana'] | | [@elastic/kibana-presentation](https://github.com/orgs/elastic/teams/kibana-presentation) | - | 54 | 0 | 51 | 0 | | | [@elastic/kibana-visualizations](https://github.com/orgs/elastic/teams/kibana-visualizations) | Data services are useful for searching and querying data from Elasticsearch. Helpful utilities include: a re-usable react query bar, KQL autocomplete, async search, Data Views (Index Patterns) and field formatters. | 3209 | 31 | 2594 | 24 | | | [@elastic/obs-ux-logs-team](https://github.com/orgs/elastic/teams/obs-ux-logs-team) | - | 5 | 0 | 5 | 0 | +| | [@elastic/obs-ai-assistant](https://github.com/orgs/elastic/teams/obs-ai-assistant) | - | 6 | 0 | 6 | 0 | | | [@elastic/kibana-data-discovery](https://github.com/orgs/elastic/teams/kibana-data-discovery) | This plugin provides the ability to create data views via a modal flyout inside Kibana apps | 35 | 0 | 25 | 5 | | | [@elastic/kibana-data-discovery](https://github.com/orgs/elastic/teams/kibana-data-discovery) | Reusable data view field editor across Kibana | 72 | 0 | 33 | 1 | | | [@elastic/kibana-data-discovery](https://github.com/orgs/elastic/teams/kibana-data-discovery) | Data view management app | 2 | 0 | 2 | 0 | @@ -76,11 +77,11 @@ tags: ['contributor', 'dev', 'apidocs', 'kibana'] | | [@elastic/obs-entities](https://github.com/orgs/elastic/teams/obs-entities) | - | 2 | 0 | 2 | 0 | | | [@elastic/obs-entities](https://github.com/orgs/elastic/teams/obs-entities) | Entity manager plugin for entity assets (inventory, topology, etc) | 20 | 0 | 20 | 3 | | | [@elastic/kibana-management](https://github.com/orgs/elastic/teams/kibana-management) | - | 99 | 3 | 97 | 3 | -| | [@elastic/kibana-esql](https://github.com/orgs/elastic/teams/kibana-esql) | - | 24 | 0 | 9 | 0 | +| | [@elastic/kibana-esql](https://github.com/orgs/elastic/teams/kibana-esql) | - | 25 | 0 | 9 | 0 | | | [@elastic/kibana-esql](https://github.com/orgs/elastic/teams/kibana-esql) | - | 2 | 0 | 2 | 0 | | | [@elastic/kibana-visualizations](https://github.com/orgs/elastic/teams/kibana-visualizations) | The Event Annotation service contains expressions for event annotations | 201 | 0 | 201 | 6 | | | [@elastic/kibana-visualizations](https://github.com/orgs/elastic/teams/kibana-visualizations) | The listing page for event annotations. | 15 | 0 | 15 | 0 | -| | [@elastic/response-ops](https://github.com/orgs/elastic/teams/response-ops) | - | 112 | 0 | 112 | 11 | +| | [@elastic/response-ops](https://github.com/orgs/elastic/teams/response-ops) | - | 116 | 0 | 116 | 11 | | | [@elastic/obs-ux-management-team](https://github.com/orgs/elastic/teams/obs-ux-management-team) | - | 126 | 0 | 126 | 12 | | | [@elastic/kibana-presentation](https://github.com/orgs/elastic/teams/kibana-presentation) | Adds 'error' renderer to expressions | 17 | 0 | 15 | 2 | | | [@elastic/kibana-visualizations](https://github.com/orgs/elastic/teams/kibana-visualizations) | Expression Gauge plugin adds a `gauge` renderer and function to the expression plugin. The renderer will display the `gauge` chart. | 59 | 0 | 58 | 2 | @@ -102,7 +103,7 @@ tags: ['contributor', 'dev', 'apidocs', 'kibana'] | | [@elastic/kibana-presentation](https://github.com/orgs/elastic/teams/kibana-presentation) | The file upload plugin contains components and services for uploading a file, analyzing its data, and then importing the data into an Elasticsearch index. Supported file types include CSV, TSV, newline-delimited JSON and GeoJSON. | 88 | 0 | 88 | 8 | | | [@elastic/appex-sharedux](https://github.com/orgs/elastic/teams/appex-sharedux) | File upload, download, sharing, and serving over HTTP implementation in Kibana. | 240 | 0 | 24 | 9 | | | [@elastic/appex-sharedux](https://github.com/orgs/elastic/teams/appex-sharedux) | Simple UI for managing files in Kibana | 3 | 0 | 3 | 0 | -| | [@elastic/fleet](https://github.com/orgs/elastic/teams/fleet) | - | 1361 | 5 | 1238 | 74 | +| | [@elastic/fleet](https://github.com/orgs/elastic/teams/fleet) | - | 1364 | 5 | 1241 | 74 | | ftrApis | [@elastic/kibana-core](https://github.com/orgs/elastic/teams/kibana-core) | - | 0 | 0 | 0 | 0 | | | [@elastic/appex-sharedux](https://github.com/orgs/elastic/teams/appex-sharedux) | - | 72 | 0 | 14 | 5 | | globalSearchBar | [@elastic/appex-sharedux](https://github.com/orgs/elastic/teams/appex-sharedux) | - | 0 | 0 | 0 | 0 | @@ -169,11 +170,11 @@ tags: ['contributor', 'dev', 'apidocs', 'kibana'] | | [@elastic/kibana-management](https://github.com/orgs/elastic/teams/kibana-management) | - | 21 | 0 | 21 | 0 | | | [@elastic/response-ops](https://github.com/orgs/elastic/teams/response-ops) | - | 285 | 0 | 248 | 11 | | | [@elastic/kibana-management](https://github.com/orgs/elastic/teams/kibana-management) | - | 24 | 0 | 19 | 2 | -| | [@elastic/kibana-core](https://github.com/orgs/elastic/teams/kibana-core) | - | 132 | 2 | 121 | 5 | +| | [@elastic/kibana-core](https://github.com/orgs/elastic/teams/kibana-core) | - | 114 | 2 | 109 | 5 | | | [@elastic/kibana-data-discovery](https://github.com/orgs/elastic/teams/kibana-data-discovery) | - | 25 | 0 | 25 | 0 | | | [@elastic/kibana-core](https://github.com/orgs/elastic/teams/kibana-core) | - | 148 | 0 | 139 | 2 | | | [@elastic/appex-sharedux](https://github.com/orgs/elastic/teams/appex-sharedux) | - | 89 | 0 | 83 | 3 | -| | [@elastic/appex-sharedux](https://github.com/orgs/elastic/teams/appex-sharedux) | - | 105 | 0 | 57 | 1 | +| | [@elastic/appex-sharedux](https://github.com/orgs/elastic/teams/appex-sharedux) | - | 100 | 0 | 53 | 1 | | | [@elastic/kibana-data-discovery](https://github.com/orgs/elastic/teams/kibana-data-discovery) | This plugin contains the definition and helper methods around saved searches, used by discover and visualizations. | 61 | 0 | 60 | 3 | | | [@elastic/appex-sharedux](https://github.com/orgs/elastic/teams/appex-sharedux) | - | 32 | 0 | 13 | 0 | | | [@elastic/kibana-reporting-services](https://github.com/orgs/elastic/teams/kibana-reporting-services) | Kibana Screenshotting Plugin | 32 | 0 | 8 | 3 | @@ -276,10 +277,10 @@ tags: ['contributor', 'dev', 'apidocs', 'kibana'] | | [@elastic/kibana-operations](https://github.com/orgs/elastic/teams/kibana-operations) | - | 62 | 0 | 17 | 1 | | | [@elastic/kibana-operations](https://github.com/orgs/elastic/teams/kibana-operations) | - | 2 | 0 | 2 | 0 | | | [@elastic/kibana-cloud-security-posture](https://github.com/orgs/elastic/teams/kibana-cloud-security-posture) | - | 74 | 1 | 74 | 0 | -| | [@elastic/kibana-cloud-security-posture](https://github.com/orgs/elastic/teams/kibana-cloud-security-posture) | - | 61 | 0 | 60 | 0 | +| | [@elastic/kibana-cloud-security-posture](https://github.com/orgs/elastic/teams/kibana-cloud-security-posture) | - | 68 | 0 | 66 | 0 | | | [@elastic/appex-sharedux](https://github.com/orgs/elastic/teams/appex-sharedux) | - | 41 | 0 | 17 | 0 | | | [@elastic/appex-sharedux](https://github.com/orgs/elastic/teams/appex-sharedux) | - | 2 | 0 | 2 | 0 | -| | [@elastic/appex-qa](https://github.com/orgs/elastic/teams/appex-qa) | - | 8 | 0 | 4 | 0 | +| | [@elastic/appex-qa](https://github.com/orgs/elastic/teams/appex-qa) | - | 9 | 0 | 4 | 0 | | | [@elastic/kibana-visualizations](https://github.com/orgs/elastic/teams/kibana-visualizations) | - | 227 | 0 | 188 | 9 | | | [@elastic/kibana-core](https://github.com/orgs/elastic/teams/kibana-core) | - | 79 | 0 | 50 | 9 | | | [@elastic/kibana-core](https://github.com/orgs/elastic/teams/kibana-core) | - | 24 | 0 | 24 | 0 | @@ -339,7 +340,7 @@ tags: ['contributor', 'dev', 'apidocs', 'kibana'] | | [@elastic/kibana-core](https://github.com/orgs/elastic/teams/kibana-core) | - | 4 | 0 | 4 | 0 | | | [@elastic/kibana-core](https://github.com/orgs/elastic/teams/kibana-core) | - | 22 | 0 | 13 | 1 | | | [@elastic/kibana-core](https://github.com/orgs/elastic/teams/kibana-core) | - | 38 | 1 | 34 | 0 | -| | [@elastic/kibana-core](https://github.com/orgs/elastic/teams/kibana-core) | - | 117 | 0 | 56 | 0 | +| | [@elastic/kibana-core](https://github.com/orgs/elastic/teams/kibana-core) | - | 118 | 0 | 56 | 0 | | | [@elastic/kibana-core](https://github.com/orgs/elastic/teams/kibana-core) | - | 43 | 0 | 38 | 3 | | | [@elastic/kibana-core](https://github.com/orgs/elastic/teams/kibana-core) | - | 13 | 1 | 13 | 0 | | | [@elastic/kibana-core](https://github.com/orgs/elastic/teams/kibana-core) | - | 4 | 0 | 4 | 1 | @@ -506,7 +507,7 @@ tags: ['contributor', 'dev', 'apidocs', 'kibana'] | | [@elastic/kibana-visualizations](https://github.com/orgs/elastic/teams/kibana-visualizations) | - | 57 | 0 | 30 | 6 | | | [@elastic/kibana-core](https://github.com/orgs/elastic/teams/kibana-core) | - | 37 | 0 | 28 | 2 | | | [@elastic/security-threat-hunting-explore](https://github.com/orgs/elastic/teams/security-threat-hunting-explore) | - | 16 | 0 | 8 | 0 | -| | [@elastic/obs-ux-logs-team](https://github.com/orgs/elastic/teams/obs-ux-logs-team) | - | 35 | 0 | 34 | 0 | +| | [@elastic/obs-ux-logs-team](https://github.com/orgs/elastic/teams/obs-ux-logs-team) | - | 38 | 0 | 37 | 0 | | | [@elastic/security-generative-ai](https://github.com/orgs/elastic/teams/security-generative-ai) | - | 159 | 0 | 133 | 10 | | | [@elastic/security-generative-ai](https://github.com/orgs/elastic/teams/security-generative-ai) | - | 390 | 0 | 363 | 0 | | | [@elastic/obs-entities](https://github.com/orgs/elastic/teams/obs-entities) | - | 44 | 0 | 44 | 0 | @@ -526,7 +527,7 @@ tags: ['contributor', 'dev', 'apidocs', 'kibana'] | | [@elastic/kibana-data-discovery](https://github.com/orgs/elastic/teams/kibana-data-discovery) | - | 49 | 0 | 40 | 2 | | | [@elastic/kibana-operations](https://github.com/orgs/elastic/teams/kibana-operations) | - | 2 | 0 | 0 | 0 | | | [@elastic/obs-ux-logs-team](https://github.com/orgs/elastic/teams/obs-ux-logs-team) | - | 3 | 0 | 3 | 0 | -| | [@elastic/kibana-operations](https://github.com/orgs/elastic/teams/kibana-operations) | - | 106 | 0 | 81 | 1 | +| | [@elastic/kibana-operations](https://github.com/orgs/elastic/teams/kibana-operations) | - | 108 | 0 | 83 | 1 | | | [@elastic/appex-qa](https://github.com/orgs/elastic/teams/appex-qa) | - | 560 | 6 | 520 | 7 | | | [@elastic/kibana-operations](https://github.com/orgs/elastic/teams/kibana-operations) | - | 1 | 0 | 0 | 0 | | | [@elastic/kibana-management](https://github.com/orgs/elastic/teams/kibana-management) | - | 1 | 0 | 1 | 0 | @@ -554,7 +555,7 @@ tags: ['contributor', 'dev', 'apidocs', 'kibana'] | | [@elastic/kibana-operations](https://github.com/orgs/elastic/teams/kibana-operations) | - | 41 | 2 | 35 | 0 | | | [@elastic/ml-ui](https://github.com/orgs/elastic/teams/ml-ui) | - | 9 | 0 | 7 | 0 | | | [@elastic/kibana-operations](https://github.com/orgs/elastic/teams/kibana-operations) | - | 108 | 0 | 107 | 0 | -| | [@elastic/kibana-esql](https://github.com/orgs/elastic/teams/kibana-esql) | - | 7 | 0 | 5 | 0 | +| | [@elastic/kibana-esql](https://github.com/orgs/elastic/teams/kibana-esql) | - | 11 | 0 | 7 | 0 | | | [@elastic/obs-ux-infra_services-team](https://github.com/orgs/elastic/teams/obs-ux-infra_services-team) | - | 193 | 0 | 190 | 6 | | | [@elastic/kibana-visualizations](https://github.com/orgs/elastic/teams/kibana-visualizations) | - | 172 | 0 | 172 | 1 | | | [@elastic/kibana-core](https://github.com/orgs/elastic/teams/kibana-core) | - | 28 | 0 | 2 | 2 | @@ -752,7 +753,7 @@ tags: ['contributor', 'dev', 'apidocs', 'kibana'] | | [@elastic/obs-knowledge-team](https://github.com/orgs/elastic/teams/obs-knowledge-team) | - | 19 | 0 | 19 | 3 | | | [@elastic/obs-knowledge-team](https://github.com/orgs/elastic/teams/obs-knowledge-team) | - | 1 | 0 | 1 | 1 | | | [@elastic/obs-knowledge-team](https://github.com/orgs/elastic/teams/obs-knowledge-team) | - | 2 | 0 | 2 | 0 | -| | [@elastic/kibana-core](https://github.com/orgs/elastic/teams/kibana-core) | - | 111 | 2 | 72 | 1 | +| | [@elastic/kibana-core](https://github.com/orgs/elastic/teams/kibana-core) | - | 108 | 2 | 70 | 1 | | | [@elastic/kibana-operations](https://github.com/orgs/elastic/teams/kibana-operations) | - | 4 | 0 | 2 | 0 | | | [@elastic/kibana-operations](https://github.com/orgs/elastic/teams/kibana-operations) | - | 41 | 2 | 21 | 0 | | | [@elastic/obs-ux-management-team](https://github.com/orgs/elastic/teams/obs-ux-management-team) | - | 32 | 2 | 32 | 0 | @@ -762,7 +763,7 @@ tags: ['contributor', 'dev', 'apidocs', 'kibana'] | | [@elastic/kibana-visualizations](https://github.com/orgs/elastic/teams/kibana-visualizations) | - | 37 | 1 | 19 | 0 | | | [@elastic/kibana-operations](https://github.com/orgs/elastic/teams/kibana-operations) | - | 131 | 3 | 98 | 2 | | | [@elastic/kibana-operations](https://github.com/orgs/elastic/teams/kibana-operations) | - | 2 | 0 | 1 | 0 | -| | [@elastic/kibana-esql](https://github.com/orgs/elastic/teams/kibana-esql) | - | 28 | 0 | 12 | 0 | +| | [@elastic/kibana-esql](https://github.com/orgs/elastic/teams/kibana-esql) | - | 29 | 0 | 12 | 0 | | | [@elastic/obs-ux-logs-team](https://github.com/orgs/elastic/teams/obs-ux-logs-team) | - | 8 | 0 | 8 | 0 | | | [@elastic/kibana-operations](https://github.com/orgs/elastic/teams/kibana-operations) | - | 74 | 0 | 55 | 0 | | | [@elastic/response-ops](https://github.com/orgs/elastic/teams/response-ops) | - | 15 | 0 | 15 | 0 | diff --git a/api_docs/presentation_panel.mdx b/api_docs/presentation_panel.mdx index 475a25bcecca0..25dd271be08e0 100644 --- a/api_docs/presentation_panel.mdx +++ b/api_docs/presentation_panel.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/presentationPanel title: "presentationPanel" image: https://source.unsplash.com/400x175/?github description: API docs for the presentationPanel plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'presentationPanel'] --- import presentationPanelObj from './presentation_panel.devdocs.json'; diff --git a/api_docs/presentation_util.mdx b/api_docs/presentation_util.mdx index 6a7cb962df0c4..e957b448a3cdc 100644 --- a/api_docs/presentation_util.mdx +++ b/api_docs/presentation_util.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/presentationUtil title: "presentationUtil" image: https://source.unsplash.com/400x175/?github description: API docs for the presentationUtil plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'presentationUtil'] --- import presentationUtilObj from './presentation_util.devdocs.json'; diff --git a/api_docs/profiling.mdx b/api_docs/profiling.mdx index 8d41fd935826c..b97212faa6938 100644 --- a/api_docs/profiling.mdx +++ b/api_docs/profiling.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/profiling title: "profiling" image: https://source.unsplash.com/400x175/?github description: API docs for the profiling plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'profiling'] --- import profilingObj from './profiling.devdocs.json'; diff --git a/api_docs/profiling_data_access.mdx b/api_docs/profiling_data_access.mdx index daf1548822c30..69e88b72cbd17 100644 --- a/api_docs/profiling_data_access.mdx +++ b/api_docs/profiling_data_access.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/profilingDataAccess title: "profilingDataAccess" image: https://source.unsplash.com/400x175/?github description: API docs for the profilingDataAccess plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'profilingDataAccess'] --- import profilingDataAccessObj from './profiling_data_access.devdocs.json'; diff --git a/api_docs/remote_clusters.mdx b/api_docs/remote_clusters.mdx index 2133c43aae0bc..08f49f79c6635 100644 --- a/api_docs/remote_clusters.mdx +++ b/api_docs/remote_clusters.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/remoteClusters title: "remoteClusters" image: https://source.unsplash.com/400x175/?github description: API docs for the remoteClusters plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'remoteClusters'] --- import remoteClustersObj from './remote_clusters.devdocs.json'; diff --git a/api_docs/reporting.mdx b/api_docs/reporting.mdx index 9b10a13e37828..bc7d06f99d3ba 100644 --- a/api_docs/reporting.mdx +++ b/api_docs/reporting.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/reporting title: "reporting" image: https://source.unsplash.com/400x175/?github description: API docs for the reporting plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'reporting'] --- import reportingObj from './reporting.devdocs.json'; diff --git a/api_docs/rollup.mdx b/api_docs/rollup.mdx index 437c1b589d3a5..9bc85d037cd9d 100644 --- a/api_docs/rollup.mdx +++ b/api_docs/rollup.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/rollup title: "rollup" image: https://source.unsplash.com/400x175/?github description: API docs for the rollup plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'rollup'] --- import rollupObj from './rollup.devdocs.json'; diff --git a/api_docs/rule_registry.mdx b/api_docs/rule_registry.mdx index c47ad40ca0294..e4c485f91ea13 100644 --- a/api_docs/rule_registry.mdx +++ b/api_docs/rule_registry.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/ruleRegistry title: "ruleRegistry" image: https://source.unsplash.com/400x175/?github description: API docs for the ruleRegistry plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'ruleRegistry'] --- import ruleRegistryObj from './rule_registry.devdocs.json'; diff --git a/api_docs/runtime_fields.mdx b/api_docs/runtime_fields.mdx index f78b57c27cf8f..19d03aa4ca963 100644 --- a/api_docs/runtime_fields.mdx +++ b/api_docs/runtime_fields.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/runtimeFields title: "runtimeFields" image: https://source.unsplash.com/400x175/?github description: API docs for the runtimeFields plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'runtimeFields'] --- import runtimeFieldsObj from './runtime_fields.devdocs.json'; diff --git a/api_docs/saved_objects.devdocs.json b/api_docs/saved_objects.devdocs.json index aed8018111e8f..0e1d7fbd0262d 100644 --- a/api_docs/saved_objects.devdocs.json +++ b/api_docs/saved_objects.devdocs.json @@ -1035,28 +1035,7 @@ "deprecated": true, "removeBy": "8.8.0", "trackAdoption": false, - "references": [ - { - "plugin": "savedObjectsTaggingOss", - "path": "src/plugins/saved_objects_tagging_oss/public/api.ts" - }, - { - "plugin": "savedObjectsTaggingOss", - "path": "src/plugins/saved_objects_tagging_oss/public/decorator/types.ts" - }, - { - "plugin": "savedObjectsTaggingOss", - "path": "src/plugins/saved_objects_tagging_oss/public/decorator/types.ts" - }, - { - "plugin": "savedObjectsTaggingOss", - "path": "src/plugins/saved_objects_tagging_oss/public/api.ts" - }, - { - "plugin": "savedObjectsTaggingOss", - "path": "src/plugins/saved_objects_tagging_oss/public/api.ts" - } - ], + "references": [], "children": [ { "parentPluginId": "savedObjects", @@ -1899,223 +1878,6 @@ ], "initialIsOpen": false }, - { - "parentPluginId": "savedObjects", - "id": "def-public.SavedObjectDecorator", - "type": "Interface", - "tags": [], - "label": "SavedObjectDecorator", - "description": [], - "signature": [ - { - "pluginId": "savedObjects", - "scope": "public", - "docId": "kibSavedObjectsPluginApi", - "section": "def-public.SavedObjectDecorator", - "text": "SavedObjectDecorator" - }, - "" - ], - "path": "src/plugins/saved_objects/public/saved_object/decorators/types.ts", - "deprecated": false, - "trackAdoption": false, - "children": [ - { - "parentPluginId": "savedObjects", - "id": "def-public.SavedObjectDecorator.getId", - "type": "Function", - "tags": [], - "label": "getId", - "description": [ - "\nId of the decorator" - ], - "signature": [ - "() => string" - ], - "path": "src/plugins/saved_objects/public/saved_object/decorators/types.ts", - "deprecated": false, - "trackAdoption": false, - "children": [], - "returnComment": [] - }, - { - "parentPluginId": "savedObjects", - "id": "def-public.SavedObjectDecorator.decorateConfig", - "type": "Function", - "tags": [], - "label": "decorateConfig", - "description": [ - "\nDecorate the saved object provided config. This can be used to enhance or alter the object's provided\nconfiguration." - ], - "signature": [ - "(config: ", - { - "pluginId": "savedObjects", - "scope": "public", - "docId": "kibSavedObjectsPluginApi", - "section": "def-public.SavedObjectConfig", - "text": "SavedObjectConfig" - }, - ") => void" - ], - "path": "src/plugins/saved_objects/public/saved_object/decorators/types.ts", - "deprecated": false, - "trackAdoption": false, - "children": [ - { - "parentPluginId": "savedObjects", - "id": "def-public.SavedObjectDecorator.decorateConfig.$1", - "type": "Object", - "tags": [], - "label": "config", - "description": [], - "signature": [ - { - "pluginId": "savedObjects", - "scope": "public", - "docId": "kibSavedObjectsPluginApi", - "section": "def-public.SavedObjectConfig", - "text": "SavedObjectConfig" - } - ], - "path": "src/plugins/saved_objects/public/saved_object/decorators/types.ts", - "deprecated": false, - "trackAdoption": false, - "isRequired": true - } - ], - "returnComment": [] - }, - { - "parentPluginId": "savedObjects", - "id": "def-public.SavedObjectDecorator.decorateObject", - "type": "Function", - "tags": [], - "label": "decorateObject", - "description": [ - "\nDecorate the saved object instance. Can be used to add additional methods to it.\n" - ], - "signature": [ - "(object: T) => void" - ], - "path": "src/plugins/saved_objects/public/saved_object/decorators/types.ts", - "deprecated": false, - "trackAdoption": false, - "children": [ - { - "parentPluginId": "savedObjects", - "id": "def-public.SavedObjectDecorator.decorateObject.$1", - "type": "Uncategorized", - "tags": [], - "label": "object", - "description": [], - "signature": [ - "T" - ], - "path": "src/plugins/saved_objects/public/saved_object/decorators/types.ts", - "deprecated": false, - "trackAdoption": false, - "isRequired": true - } - ], - "returnComment": [] - } - ], - "initialIsOpen": false - }, - { - "parentPluginId": "savedObjects", - "id": "def-public.SavedObjectDecoratorConfig", - "type": "Interface", - "tags": [], - "label": "SavedObjectDecoratorConfig", - "description": [], - "signature": [ - { - "pluginId": "savedObjects", - "scope": "public", - "docId": "kibSavedObjectsPluginApi", - "section": "def-public.SavedObjectDecoratorConfig", - "text": "SavedObjectDecoratorConfig" - }, - "" - ], - "path": "src/plugins/saved_objects/public/saved_object/decorators/registry.ts", - "deprecated": false, - "trackAdoption": false, - "children": [ - { - "parentPluginId": "savedObjects", - "id": "def-public.SavedObjectDecoratorConfig.id", - "type": "string", - "tags": [], - "label": "id", - "description": [ - "\nThe id of the decorator" - ], - "path": "src/plugins/saved_objects/public/saved_object/decorators/registry.ts", - "deprecated": false, - "trackAdoption": false - }, - { - "parentPluginId": "savedObjects", - "id": "def-public.SavedObjectDecoratorConfig.priority", - "type": "number", - "tags": [], - "label": "priority", - "description": [ - "\nHighest priority will be called **last**\n(the decoration will be at the highest level)" - ], - "path": "src/plugins/saved_objects/public/saved_object/decorators/registry.ts", - "deprecated": false, - "trackAdoption": false - }, - { - "parentPluginId": "savedObjects", - "id": "def-public.SavedObjectDecoratorConfig.factory", - "type": "Function", - "tags": [], - "label": "factory", - "description": [ - "\nThe factory to use to create the decorator" - ], - "signature": [ - "(services: ", - "SavedObjectKibanaServices", - ") => ", - { - "pluginId": "savedObjects", - "scope": "public", - "docId": "kibSavedObjectsPluginApi", - "section": "def-public.SavedObjectDecorator", - "text": "SavedObjectDecorator" - }, - "" - ], - "path": "src/plugins/saved_objects/public/saved_object/decorators/registry.ts", - "deprecated": false, - "trackAdoption": false, - "returnComment": [], - "children": [ - { - "parentPluginId": "savedObjects", - "id": "def-public.SavedObjectDecoratorConfig.factory.$1", - "type": "Object", - "tags": [], - "label": "services", - "description": [], - "signature": [ - "SavedObjectKibanaServices" - ], - "path": "src/plugins/saved_objects/public/saved_object/decorators/types.ts", - "deprecated": false, - "trackAdoption": false - } - ] - } - ], - "initialIsOpen": false - }, { "parentPluginId": "savedObjects", "id": "def-public.SavedObjectSaveOpts", @@ -2282,48 +2044,6 @@ ], "enums": [], "misc": [ - { - "parentPluginId": "savedObjects", - "id": "def-public.SavedObjectDecoratorFactory", - "type": "Type", - "tags": [], - "label": "SavedObjectDecoratorFactory", - "description": [], - "signature": [ - "(services: ", - "SavedObjectKibanaServices", - ") => ", - { - "pluginId": "savedObjects", - "scope": "public", - "docId": "kibSavedObjectsPluginApi", - "section": "def-public.SavedObjectDecorator", - "text": "SavedObjectDecorator" - }, - "" - ], - "path": "src/plugins/saved_objects/public/saved_object/decorators/types.ts", - "deprecated": false, - "trackAdoption": false, - "returnComment": [], - "children": [ - { - "parentPluginId": "savedObjects", - "id": "def-public.SavedObjectDecoratorFactory.$1", - "type": "Object", - "tags": [], - "label": "services", - "description": [], - "signature": [ - "SavedObjectKibanaServices" - ], - "path": "src/plugins/saved_objects/public/saved_object/decorators/types.ts", - "deprecated": false, - "trackAdoption": false - } - ], - "initialIsOpen": false - }, { "parentPluginId": "savedObjects", "id": "def-public.SaveResult", @@ -2342,118 +2062,7 @@ "initialIsOpen": false } ], - "objects": [], - "start": { - "parentPluginId": "savedObjects", - "id": "def-public.SavedObjectsStart", - "type": "Interface", - "tags": [], - "label": "SavedObjectsStart", - "description": [], - "path": "src/plugins/saved_objects/public/plugin.ts", - "deprecated": false, - "trackAdoption": false, - "children": [ - { - "parentPluginId": "savedObjects", - "id": "def-public.SavedObjectsStart.SavedObjectClass", - "type": "Object", - "tags": [ - "deprecated" - ], - "label": "SavedObjectClass", - "description": [], - "signature": [ - "new (raw: Record) => ", - { - "pluginId": "savedObjects", - "scope": "public", - "docId": "kibSavedObjectsPluginApi", - "section": "def-public.SavedObject", - "text": "SavedObject" - }, - "<", - { - "pluginId": "@kbn/core-saved-objects-common", - "scope": "common", - "docId": "kibKbnCoreSavedObjectsCommonPluginApi", - "section": "def-common.SavedObjectAttributes", - "text": "SavedObjectAttributes" - }, - ">" - ], - "path": "src/plugins/saved_objects/public/plugin.ts", - "deprecated": true, - "removeBy": "8.8.0", - "trackAdoption": false, - "references": [] - } - ], - "lifecycle": "start", - "initialIsOpen": true - }, - "setup": { - "parentPluginId": "savedObjects", - "id": "def-public.SavedObjectSetup", - "type": "Interface", - "tags": [], - "label": "SavedObjectSetup", - "description": [], - "path": "src/plugins/saved_objects/public/plugin.ts", - "deprecated": false, - "trackAdoption": false, - "children": [ - { - "parentPluginId": "savedObjects", - "id": "def-public.SavedObjectSetup.registerDecorator", - "type": "Function", - "tags": [], - "label": "registerDecorator", - "description": [], - "signature": [ - "(config: ", - { - "pluginId": "savedObjects", - "scope": "public", - "docId": "kibSavedObjectsPluginApi", - "section": "def-public.SavedObjectDecoratorConfig", - "text": "SavedObjectDecoratorConfig" - }, - ") => void" - ], - "path": "src/plugins/saved_objects/public/plugin.ts", - "deprecated": false, - "trackAdoption": false, - "children": [ - { - "parentPluginId": "savedObjects", - "id": "def-public.SavedObjectSetup.registerDecorator.$1", - "type": "Object", - "tags": [], - "label": "config", - "description": [], - "signature": [ - { - "pluginId": "savedObjects", - "scope": "public", - "docId": "kibSavedObjectsPluginApi", - "section": "def-public.SavedObjectDecoratorConfig", - "text": "SavedObjectDecoratorConfig" - }, - "" - ], - "path": "src/plugins/saved_objects/public/plugin.ts", - "deprecated": false, - "trackAdoption": false, - "isRequired": true - } - ], - "returnComment": [] - } - ], - "lifecycle": "setup", - "initialIsOpen": true - } + "objects": [] }, "server": { "classes": [], diff --git a/api_docs/saved_objects.mdx b/api_docs/saved_objects.mdx index cc436a6a8c0d0..09e318b3a648c 100644 --- a/api_docs/saved_objects.mdx +++ b/api_docs/saved_objects.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/savedObjects title: "savedObjects" image: https://source.unsplash.com/400x175/?github description: API docs for the savedObjects plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'savedObjects'] --- import savedObjectsObj from './saved_objects.devdocs.json'; @@ -21,16 +21,10 @@ Contact [@elastic/kibana-core](https://github.com/orgs/elastic/teams/kibana-core | Public API count | Any count | Items lacking comments | Missing exports | |-------------------|-----------|------------------------|-----------------| -| 132 | 2 | 121 | 5 | +| 114 | 2 | 109 | 5 | ## Client -### Setup - - -### Start - - ### Functions diff --git a/api_docs/saved_objects_finder.mdx b/api_docs/saved_objects_finder.mdx index 765fa84ab4b81..f31b19553c1aa 100644 --- a/api_docs/saved_objects_finder.mdx +++ b/api_docs/saved_objects_finder.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/savedObjectsFinder title: "savedObjectsFinder" image: https://source.unsplash.com/400x175/?github description: API docs for the savedObjectsFinder plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'savedObjectsFinder'] --- import savedObjectsFinderObj from './saved_objects_finder.devdocs.json'; diff --git a/api_docs/saved_objects_management.mdx b/api_docs/saved_objects_management.mdx index bab2c2656ea2b..65b10728be4db 100644 --- a/api_docs/saved_objects_management.mdx +++ b/api_docs/saved_objects_management.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/savedObjectsManagement title: "savedObjectsManagement" image: https://source.unsplash.com/400x175/?github description: API docs for the savedObjectsManagement plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'savedObjectsManagement'] --- import savedObjectsManagementObj from './saved_objects_management.devdocs.json'; diff --git a/api_docs/saved_objects_tagging.mdx b/api_docs/saved_objects_tagging.mdx index f3e853fe8fc9d..a695b0307aeb9 100644 --- a/api_docs/saved_objects_tagging.mdx +++ b/api_docs/saved_objects_tagging.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/savedObjectsTagging title: "savedObjectsTagging" image: https://source.unsplash.com/400x175/?github description: API docs for the savedObjectsTagging plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'savedObjectsTagging'] --- import savedObjectsTaggingObj from './saved_objects_tagging.devdocs.json'; diff --git a/api_docs/saved_objects_tagging_oss.devdocs.json b/api_docs/saved_objects_tagging_oss.devdocs.json index f026546854a0d..64abacff50a11 100644 --- a/api_docs/saved_objects_tagging_oss.devdocs.json +++ b/api_docs/saved_objects_tagging_oss.devdocs.json @@ -467,78 +467,6 @@ "children": [], "returnComment": [] }, - { - "parentPluginId": "savedObjectsTaggingOss", - "id": "def-public.SavedObjectsTaggingApiUi.hasTagDecoration", - "type": "Function", - "tags": [], - "label": "hasTagDecoration", - "description": [ - "\nType-guard to safely manipulate tag-enhanced `SavedObject` from the `savedObject` plugin.\n" - ], - "signature": [ - "(object: ", - { - "pluginId": "savedObjects", - "scope": "public", - "docId": "kibSavedObjectsPluginApi", - "section": "def-public.SavedObject", - "text": "SavedObject" - }, - "<", - { - "pluginId": "@kbn/core-saved-objects-common", - "scope": "common", - "docId": "kibKbnCoreSavedObjectsCommonPluginApi", - "section": "def-common.SavedObjectAttributes", - "text": "SavedObjectAttributes" - }, - ">) => object is ", - { - "pluginId": "savedObjectsTaggingOss", - "scope": "public", - "docId": "kibSavedObjectsTaggingOssPluginApi", - "section": "def-public.TagDecoratedSavedObject", - "text": "TagDecoratedSavedObject" - } - ], - "path": "src/plugins/saved_objects_tagging_oss/public/api.ts", - "deprecated": false, - "trackAdoption": false, - "children": [ - { - "parentPluginId": "savedObjectsTaggingOss", - "id": "def-public.SavedObjectsTaggingApiUi.hasTagDecoration.$1", - "type": "Object", - "tags": [], - "label": "object", - "description": [], - "signature": [ - { - "pluginId": "savedObjects", - "scope": "public", - "docId": "kibSavedObjectsPluginApi", - "section": "def-public.SavedObject", - "text": "SavedObject" - }, - "<", - { - "pluginId": "@kbn/core-saved-objects-common", - "scope": "common", - "docId": "kibKbnCoreSavedObjectsCommonPluginApi", - "section": "def-common.SavedObjectAttributes", - "text": "SavedObjectAttributes" - }, - ">" - ], - "path": "src/plugins/saved_objects_tagging_oss/public/api.ts", - "deprecated": false, - "trackAdoption": false, - "isRequired": true - } - ], - "returnComment": [] - }, { "parentPluginId": "savedObjectsTaggingOss", "id": "def-public.SavedObjectsTaggingApiUi.getSearchBarFilter", @@ -1383,106 +1311,6 @@ "deprecated": false, "trackAdoption": false, "initialIsOpen": false - }, - { - "parentPluginId": "savedObjectsTaggingOss", - "id": "def-public.SavedObjectTagDecoratorTypeGuard", - "type": "Type", - "tags": [], - "label": "SavedObjectTagDecoratorTypeGuard", - "description": [], - "signature": [ - "(object: ", - { - "pluginId": "savedObjects", - "scope": "public", - "docId": "kibSavedObjectsPluginApi", - "section": "def-public.SavedObject", - "text": "SavedObject" - }, - "<", - { - "pluginId": "@kbn/core-saved-objects-common", - "scope": "common", - "docId": "kibKbnCoreSavedObjectsCommonPluginApi", - "section": "def-common.SavedObjectAttributes", - "text": "SavedObjectAttributes" - }, - ">) => object is ", - { - "pluginId": "savedObjectsTaggingOss", - "scope": "public", - "docId": "kibSavedObjectsTaggingOssPluginApi", - "section": "def-public.TagDecoratedSavedObject", - "text": "TagDecoratedSavedObject" - } - ], - "path": "src/plugins/saved_objects_tagging_oss/public/api.ts", - "deprecated": false, - "trackAdoption": false, - "returnComment": [], - "children": [ - { - "parentPluginId": "savedObjectsTaggingOss", - "id": "def-public.SavedObjectTagDecoratorTypeGuard.$1", - "type": "Object", - "tags": [], - "label": "object", - "description": [], - "signature": [ - { - "pluginId": "savedObjects", - "scope": "public", - "docId": "kibSavedObjectsPluginApi", - "section": "def-public.SavedObject", - "text": "SavedObject" - }, - "<", - { - "pluginId": "@kbn/core-saved-objects-common", - "scope": "common", - "docId": "kibKbnCoreSavedObjectsCommonPluginApi", - "section": "def-common.SavedObjectAttributes", - "text": "SavedObjectAttributes" - }, - ">" - ], - "path": "src/plugins/saved_objects_tagging_oss/public/api.ts", - "deprecated": false, - "trackAdoption": false - } - ], - "initialIsOpen": false - }, - { - "parentPluginId": "savedObjectsTaggingOss", - "id": "def-public.TagDecoratedSavedObject", - "type": "Type", - "tags": [], - "label": "TagDecoratedSavedObject", - "description": [], - "signature": [ - { - "pluginId": "savedObjects", - "scope": "public", - "docId": "kibSavedObjectsPluginApi", - "section": "def-public.SavedObject", - "text": "SavedObject" - }, - "<", - { - "pluginId": "@kbn/core-saved-objects-common", - "scope": "common", - "docId": "kibKbnCoreSavedObjectsCommonPluginApi", - "section": "def-common.SavedObjectAttributes", - "text": "SavedObjectAttributes" - }, - "> & { getTags(): string[]; setTags(tags: string[]): void; }" - ], - "path": "src/plugins/saved_objects_tagging_oss/public/decorator/types.ts", - "deprecated": false, - "trackAdoption": false, - "initialIsOpen": false } ], "objects": [], diff --git a/api_docs/saved_objects_tagging_oss.mdx b/api_docs/saved_objects_tagging_oss.mdx index e2d111ce10bd4..efbc92ee83aee 100644 --- a/api_docs/saved_objects_tagging_oss.mdx +++ b/api_docs/saved_objects_tagging_oss.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/savedObjectsTaggingOss title: "savedObjectsTaggingOss" image: https://source.unsplash.com/400x175/?github description: API docs for the savedObjectsTaggingOss plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'savedObjectsTaggingOss'] --- import savedObjectsTaggingOssObj from './saved_objects_tagging_oss.devdocs.json'; @@ -21,7 +21,7 @@ Contact [@elastic/appex-sharedux](https://github.com/orgs/elastic/teams/appex-sh | Public API count | Any count | Items lacking comments | Missing exports | |-------------------|-----------|------------------------|-----------------| -| 105 | 0 | 57 | 1 | +| 100 | 0 | 53 | 1 | ## Client diff --git a/api_docs/saved_search.mdx b/api_docs/saved_search.mdx index 24c0b2e66bc74..30b6412e07490 100644 --- a/api_docs/saved_search.mdx +++ b/api_docs/saved_search.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/savedSearch title: "savedSearch" image: https://source.unsplash.com/400x175/?github description: API docs for the savedSearch plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'savedSearch'] --- import savedSearchObj from './saved_search.devdocs.json'; diff --git a/api_docs/screenshot_mode.mdx b/api_docs/screenshot_mode.mdx index 517d894c5d23d..83b1568ddd63f 100644 --- a/api_docs/screenshot_mode.mdx +++ b/api_docs/screenshot_mode.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/screenshotMode title: "screenshotMode" image: https://source.unsplash.com/400x175/?github description: API docs for the screenshotMode plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'screenshotMode'] --- import screenshotModeObj from './screenshot_mode.devdocs.json'; diff --git a/api_docs/screenshotting.mdx b/api_docs/screenshotting.mdx index 8376a73aae604..37394a6a64db9 100644 --- a/api_docs/screenshotting.mdx +++ b/api_docs/screenshotting.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/screenshotting title: "screenshotting" image: https://source.unsplash.com/400x175/?github description: API docs for the screenshotting plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'screenshotting'] --- import screenshottingObj from './screenshotting.devdocs.json'; diff --git a/api_docs/search_assistant.mdx b/api_docs/search_assistant.mdx index a5a24f994be59..3ca251b7c0df3 100644 --- a/api_docs/search_assistant.mdx +++ b/api_docs/search_assistant.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/searchAssistant title: "searchAssistant" image: https://source.unsplash.com/400x175/?github description: API docs for the searchAssistant plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'searchAssistant'] --- import searchAssistantObj from './search_assistant.devdocs.json'; diff --git a/api_docs/search_connectors.mdx b/api_docs/search_connectors.mdx index 9406cb2724fd2..440505ea855ec 100644 --- a/api_docs/search_connectors.mdx +++ b/api_docs/search_connectors.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/searchConnectors title: "searchConnectors" image: https://source.unsplash.com/400x175/?github description: API docs for the searchConnectors plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'searchConnectors'] --- import searchConnectorsObj from './search_connectors.devdocs.json'; diff --git a/api_docs/search_homepage.mdx b/api_docs/search_homepage.mdx index 9b9ecdf965cb2..c9b3d047e0778 100644 --- a/api_docs/search_homepage.mdx +++ b/api_docs/search_homepage.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/searchHomepage title: "searchHomepage" image: https://source.unsplash.com/400x175/?github description: API docs for the searchHomepage plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'searchHomepage'] --- import searchHomepageObj from './search_homepage.devdocs.json'; diff --git a/api_docs/search_indices.mdx b/api_docs/search_indices.mdx index 724d9bdc0093f..acd87ac4e0d3d 100644 --- a/api_docs/search_indices.mdx +++ b/api_docs/search_indices.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/searchIndices title: "searchIndices" image: https://source.unsplash.com/400x175/?github description: API docs for the searchIndices plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'searchIndices'] --- import searchIndicesObj from './search_indices.devdocs.json'; diff --git a/api_docs/search_inference_endpoints.mdx b/api_docs/search_inference_endpoints.mdx index c44f1e084d94b..82520afbe5577 100644 --- a/api_docs/search_inference_endpoints.mdx +++ b/api_docs/search_inference_endpoints.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/searchInferenceEndpoints title: "searchInferenceEndpoints" image: https://source.unsplash.com/400x175/?github description: API docs for the searchInferenceEndpoints plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'searchInferenceEndpoints'] --- import searchInferenceEndpointsObj from './search_inference_endpoints.devdocs.json'; diff --git a/api_docs/search_notebooks.mdx b/api_docs/search_notebooks.mdx index 5b3249d6453cb..5435f7a4f0a6d 100644 --- a/api_docs/search_notebooks.mdx +++ b/api_docs/search_notebooks.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/searchNotebooks title: "searchNotebooks" image: https://source.unsplash.com/400x175/?github description: API docs for the searchNotebooks plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'searchNotebooks'] --- import searchNotebooksObj from './search_notebooks.devdocs.json'; diff --git a/api_docs/search_playground.mdx b/api_docs/search_playground.mdx index 4b500f39b99c0..e308621bfbb2d 100644 --- a/api_docs/search_playground.mdx +++ b/api_docs/search_playground.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/searchPlayground title: "searchPlayground" image: https://source.unsplash.com/400x175/?github description: API docs for the searchPlayground plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'searchPlayground'] --- import searchPlaygroundObj from './search_playground.devdocs.json'; diff --git a/api_docs/security.mdx b/api_docs/security.mdx index 649ec1747823e..025444c46d86d 100644 --- a/api_docs/security.mdx +++ b/api_docs/security.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/security title: "security" image: https://source.unsplash.com/400x175/?github description: API docs for the security plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'security'] --- import securityObj from './security.devdocs.json'; diff --git a/api_docs/security_solution.devdocs.json b/api_docs/security_solution.devdocs.json index e92f1c1fc97d4..3d03c6a9812c5 100644 --- a/api_docs/security_solution.devdocs.json +++ b/api_docs/security_solution.devdocs.json @@ -485,7 +485,7 @@ "\nExperimental flag needed to enable the link" ], "signature": [ - "\"assistantKnowledgeBaseByDefault\" | \"assistantModelEvaluation\" | \"assistantBedrockChat\" | \"excludePoliciesInFilterEnabled\" | \"kubernetesEnabled\" | \"donutChartEmbeddablesEnabled\" | \"previewTelemetryUrlEnabled\" | \"extendedRuleExecutionLoggingEnabled\" | \"socTrendsEnabled\" | \"responseActionUploadEnabled\" | \"automatedProcessActionsEnabled\" | \"automatedResponseActionsForMoreRulesEnabled\" | \"responseActionsSentinelOneV1Enabled\" | \"responseActionsSentinelOneV2Enabled\" | \"responseActionsSentinelOneGetFileEnabled\" | \"responseActionsSentinelOneKillProcessEnabled\" | \"responseActionsSentinelOneProcessesEnabled\" | \"responseActionsCrowdstrikeManualHostIsolationEnabled\" | \"securitySolutionNotesEnabled\" | \"entityAlertPreviewDisabled\" | \"assistantNaturalLanguageESQLTool\" | \"newUserDetailsFlyoutManagedUser\" | \"riskScoringPersistence\" | \"riskScoringRoutesEnabled\" | \"esqlRulesDisabled\" | \"protectionUpdatesEnabled\" | \"disableTimelineSaveTour\" | \"riskEnginePrivilegesRouteEnabled\" | \"sentinelOneDataInAnalyzerEnabled\" | \"sentinelOneManualHostActionsEnabled\" | \"crowdstrikeDataInAnalyzerEnabled\" | \"jamfDataInAnalyzerEnabled\" | \"timelineEsqlTabDisabled\" | \"unifiedComponentsInTimelineDisabled\" | \"analyzerDatePickersAndSourcererDisabled\" | \"prebuiltRulesCustomizationEnabled\" | \"malwareOnWriteScanOptionAvailable\" | \"unifiedManifestEnabled\" | \"valueListItemsModalEnabled\" | \"manualRuleRunEnabled\" | \"filterProcessDescendantsForEventFiltersEnabled\" | \"dataIngestionHubEnabled\" | \"entityStoreEnabled\" | undefined" + "\"assistantKnowledgeBaseByDefault\" | \"assistantModelEvaluation\" | \"assistantBedrockChat\" | \"excludePoliciesInFilterEnabled\" | \"kubernetesEnabled\" | \"donutChartEmbeddablesEnabled\" | \"previewTelemetryUrlEnabled\" | \"extendedRuleExecutionLoggingEnabled\" | \"socTrendsEnabled\" | \"responseActionUploadEnabled\" | \"automatedProcessActionsEnabled\" | \"automatedResponseActionsForMoreRulesEnabled\" | \"responseActionsSentinelOneV1Enabled\" | \"responseActionsSentinelOneV2Enabled\" | \"responseActionsSentinelOneGetFileEnabled\" | \"responseActionsSentinelOneKillProcessEnabled\" | \"responseActionsSentinelOneProcessesEnabled\" | \"responseActionsCrowdstrikeManualHostIsolationEnabled\" | \"endpointManagementSpaceAwarenessEnabled\" | \"securitySolutionNotesEnabled\" | \"entityAlertPreviewDisabled\" | \"assistantNaturalLanguageESQLTool\" | \"newUserDetailsFlyoutManagedUser\" | \"riskScoringPersistence\" | \"riskScoringRoutesEnabled\" | \"esqlRulesDisabled\" | \"loggingRequestsEnabled\" | \"protectionUpdatesEnabled\" | \"disableTimelineSaveTour\" | \"riskEnginePrivilegesRouteEnabled\" | \"sentinelOneDataInAnalyzerEnabled\" | \"sentinelOneManualHostActionsEnabled\" | \"crowdstrikeDataInAnalyzerEnabled\" | \"jamfDataInAnalyzerEnabled\" | \"timelineEsqlTabDisabled\" | \"unifiedComponentsInTimelineDisabled\" | \"analyzerDatePickersAndSourcererDisabled\" | \"visualizationInFlyoutEnabled\" | \"prebuiltRulesCustomizationEnabled\" | \"malwareOnWriteScanOptionAvailable\" | \"unifiedManifestEnabled\" | \"valueListItemsModalEnabled\" | \"manualRuleRunEnabled\" | \"filterProcessDescendantsForEventFiltersEnabled\" | \"dataIngestionHubEnabled\" | \"entityStoreEnabled\" | undefined" ], "path": "x-pack/plugins/security_solution/public/common/links/types.ts", "deprecated": false, @@ -565,7 +565,7 @@ "\nExperimental flag needed to disable the link. Opposite of experimentalKey" ], "signature": [ - "\"assistantKnowledgeBaseByDefault\" | \"assistantModelEvaluation\" | \"assistantBedrockChat\" | \"excludePoliciesInFilterEnabled\" | \"kubernetesEnabled\" | \"donutChartEmbeddablesEnabled\" | \"previewTelemetryUrlEnabled\" | \"extendedRuleExecutionLoggingEnabled\" | \"socTrendsEnabled\" | \"responseActionUploadEnabled\" | \"automatedProcessActionsEnabled\" | \"automatedResponseActionsForMoreRulesEnabled\" | \"responseActionsSentinelOneV1Enabled\" | \"responseActionsSentinelOneV2Enabled\" | \"responseActionsSentinelOneGetFileEnabled\" | \"responseActionsSentinelOneKillProcessEnabled\" | \"responseActionsSentinelOneProcessesEnabled\" | \"responseActionsCrowdstrikeManualHostIsolationEnabled\" | \"securitySolutionNotesEnabled\" | \"entityAlertPreviewDisabled\" | \"assistantNaturalLanguageESQLTool\" | \"newUserDetailsFlyoutManagedUser\" | \"riskScoringPersistence\" | \"riskScoringRoutesEnabled\" | \"esqlRulesDisabled\" | \"protectionUpdatesEnabled\" | \"disableTimelineSaveTour\" | \"riskEnginePrivilegesRouteEnabled\" | \"sentinelOneDataInAnalyzerEnabled\" | \"sentinelOneManualHostActionsEnabled\" | \"crowdstrikeDataInAnalyzerEnabled\" | \"jamfDataInAnalyzerEnabled\" | \"timelineEsqlTabDisabled\" | \"unifiedComponentsInTimelineDisabled\" | \"analyzerDatePickersAndSourcererDisabled\" | \"prebuiltRulesCustomizationEnabled\" | \"malwareOnWriteScanOptionAvailable\" | \"unifiedManifestEnabled\" | \"valueListItemsModalEnabled\" | \"manualRuleRunEnabled\" | \"filterProcessDescendantsForEventFiltersEnabled\" | \"dataIngestionHubEnabled\" | \"entityStoreEnabled\" | undefined" + "\"assistantKnowledgeBaseByDefault\" | \"assistantModelEvaluation\" | \"assistantBedrockChat\" | \"excludePoliciesInFilterEnabled\" | \"kubernetesEnabled\" | \"donutChartEmbeddablesEnabled\" | \"previewTelemetryUrlEnabled\" | \"extendedRuleExecutionLoggingEnabled\" | \"socTrendsEnabled\" | \"responseActionUploadEnabled\" | \"automatedProcessActionsEnabled\" | \"automatedResponseActionsForMoreRulesEnabled\" | \"responseActionsSentinelOneV1Enabled\" | \"responseActionsSentinelOneV2Enabled\" | \"responseActionsSentinelOneGetFileEnabled\" | \"responseActionsSentinelOneKillProcessEnabled\" | \"responseActionsSentinelOneProcessesEnabled\" | \"responseActionsCrowdstrikeManualHostIsolationEnabled\" | \"endpointManagementSpaceAwarenessEnabled\" | \"securitySolutionNotesEnabled\" | \"entityAlertPreviewDisabled\" | \"assistantNaturalLanguageESQLTool\" | \"newUserDetailsFlyoutManagedUser\" | \"riskScoringPersistence\" | \"riskScoringRoutesEnabled\" | \"esqlRulesDisabled\" | \"loggingRequestsEnabled\" | \"protectionUpdatesEnabled\" | \"disableTimelineSaveTour\" | \"riskEnginePrivilegesRouteEnabled\" | \"sentinelOneDataInAnalyzerEnabled\" | \"sentinelOneManualHostActionsEnabled\" | \"crowdstrikeDataInAnalyzerEnabled\" | \"jamfDataInAnalyzerEnabled\" | \"timelineEsqlTabDisabled\" | \"unifiedComponentsInTimelineDisabled\" | \"analyzerDatePickersAndSourcererDisabled\" | \"visualizationInFlyoutEnabled\" | \"prebuiltRulesCustomizationEnabled\" | \"malwareOnWriteScanOptionAvailable\" | \"unifiedManifestEnabled\" | \"valueListItemsModalEnabled\" | \"manualRuleRunEnabled\" | \"filterProcessDescendantsForEventFiltersEnabled\" | \"dataIngestionHubEnabled\" | \"entityStoreEnabled\" | undefined" ], "path": "x-pack/plugins/security_solution/public/common/links/types.ts", "deprecated": false, @@ -1931,7 +1931,7 @@ "label": "experimentalFeatures", "description": [], "signature": [ - "{ readonly excludePoliciesInFilterEnabled: boolean; readonly kubernetesEnabled: boolean; readonly donutChartEmbeddablesEnabled: boolean; readonly previewTelemetryUrlEnabled: boolean; readonly extendedRuleExecutionLoggingEnabled: boolean; readonly socTrendsEnabled: boolean; readonly responseActionUploadEnabled: boolean; readonly automatedProcessActionsEnabled: boolean; readonly automatedResponseActionsForMoreRulesEnabled: boolean; readonly responseActionsSentinelOneV1Enabled: boolean; readonly responseActionsSentinelOneV2Enabled: boolean; readonly responseActionsSentinelOneGetFileEnabled: boolean; readonly responseActionsSentinelOneKillProcessEnabled: boolean; readonly responseActionsSentinelOneProcessesEnabled: boolean; readonly responseActionsCrowdstrikeManualHostIsolationEnabled: boolean; readonly securitySolutionNotesEnabled: boolean; readonly entityAlertPreviewDisabled: boolean; readonly assistantModelEvaluation: boolean; readonly assistantKnowledgeBaseByDefault: boolean; readonly assistantBedrockChat: boolean; readonly assistantNaturalLanguageESQLTool: boolean; readonly newUserDetailsFlyoutManagedUser: boolean; readonly riskScoringPersistence: boolean; readonly riskScoringRoutesEnabled: boolean; readonly esqlRulesDisabled: boolean; readonly protectionUpdatesEnabled: boolean; readonly disableTimelineSaveTour: boolean; readonly riskEnginePrivilegesRouteEnabled: boolean; readonly sentinelOneDataInAnalyzerEnabled: boolean; readonly sentinelOneManualHostActionsEnabled: boolean; readonly crowdstrikeDataInAnalyzerEnabled: boolean; readonly jamfDataInAnalyzerEnabled: boolean; readonly timelineEsqlTabDisabled: boolean; readonly unifiedComponentsInTimelineDisabled: boolean; readonly analyzerDatePickersAndSourcererDisabled: boolean; readonly prebuiltRulesCustomizationEnabled: boolean; readonly malwareOnWriteScanOptionAvailable: boolean; readonly unifiedManifestEnabled: boolean; readonly valueListItemsModalEnabled: boolean; readonly manualRuleRunEnabled: boolean; readonly filterProcessDescendantsForEventFiltersEnabled: boolean; readonly dataIngestionHubEnabled: boolean; readonly entityStoreEnabled: boolean; }" + "{ readonly excludePoliciesInFilterEnabled: boolean; readonly kubernetesEnabled: boolean; readonly donutChartEmbeddablesEnabled: boolean; readonly previewTelemetryUrlEnabled: boolean; readonly extendedRuleExecutionLoggingEnabled: boolean; readonly socTrendsEnabled: boolean; readonly responseActionUploadEnabled: boolean; readonly automatedProcessActionsEnabled: boolean; readonly automatedResponseActionsForMoreRulesEnabled: boolean; readonly responseActionsSentinelOneV1Enabled: boolean; readonly responseActionsSentinelOneV2Enabled: boolean; readonly responseActionsSentinelOneGetFileEnabled: boolean; readonly responseActionsSentinelOneKillProcessEnabled: boolean; readonly responseActionsSentinelOneProcessesEnabled: boolean; readonly responseActionsCrowdstrikeManualHostIsolationEnabled: boolean; readonly endpointManagementSpaceAwarenessEnabled: boolean; readonly securitySolutionNotesEnabled: boolean; readonly entityAlertPreviewDisabled: boolean; readonly assistantModelEvaluation: boolean; readonly assistantKnowledgeBaseByDefault: boolean; readonly assistantBedrockChat: boolean; readonly assistantNaturalLanguageESQLTool: boolean; readonly newUserDetailsFlyoutManagedUser: boolean; readonly riskScoringPersistence: boolean; readonly riskScoringRoutesEnabled: boolean; readonly esqlRulesDisabled: boolean; readonly loggingRequestsEnabled: boolean; readonly protectionUpdatesEnabled: boolean; readonly disableTimelineSaveTour: boolean; readonly riskEnginePrivilegesRouteEnabled: boolean; readonly sentinelOneDataInAnalyzerEnabled: boolean; readonly sentinelOneManualHostActionsEnabled: boolean; readonly crowdstrikeDataInAnalyzerEnabled: boolean; readonly jamfDataInAnalyzerEnabled: boolean; readonly timelineEsqlTabDisabled: boolean; readonly unifiedComponentsInTimelineDisabled: boolean; readonly analyzerDatePickersAndSourcererDisabled: boolean; readonly visualizationInFlyoutEnabled: boolean; readonly prebuiltRulesCustomizationEnabled: boolean; readonly malwareOnWriteScanOptionAvailable: boolean; readonly unifiedManifestEnabled: boolean; readonly valueListItemsModalEnabled: boolean; readonly manualRuleRunEnabled: boolean; readonly filterProcessDescendantsForEventFiltersEnabled: boolean; readonly dataIngestionHubEnabled: boolean; readonly entityStoreEnabled: boolean; }" ], "path": "x-pack/plugins/security_solution/public/types.ts", "deprecated": false, @@ -3099,7 +3099,7 @@ "\nThe security solution generic experimental features" ], "signature": [ - "{ readonly excludePoliciesInFilterEnabled: boolean; readonly kubernetesEnabled: boolean; readonly donutChartEmbeddablesEnabled: boolean; readonly previewTelemetryUrlEnabled: boolean; readonly extendedRuleExecutionLoggingEnabled: boolean; readonly socTrendsEnabled: boolean; readonly responseActionUploadEnabled: boolean; readonly automatedProcessActionsEnabled: boolean; readonly automatedResponseActionsForMoreRulesEnabled: boolean; readonly responseActionsSentinelOneV1Enabled: boolean; readonly responseActionsSentinelOneV2Enabled: boolean; readonly responseActionsSentinelOneGetFileEnabled: boolean; readonly responseActionsSentinelOneKillProcessEnabled: boolean; readonly responseActionsSentinelOneProcessesEnabled: boolean; readonly responseActionsCrowdstrikeManualHostIsolationEnabled: boolean; readonly securitySolutionNotesEnabled: boolean; readonly entityAlertPreviewDisabled: boolean; readonly assistantModelEvaluation: boolean; readonly assistantKnowledgeBaseByDefault: boolean; readonly assistantBedrockChat: boolean; readonly assistantNaturalLanguageESQLTool: boolean; readonly newUserDetailsFlyoutManagedUser: boolean; readonly riskScoringPersistence: boolean; readonly riskScoringRoutesEnabled: boolean; readonly esqlRulesDisabled: boolean; readonly protectionUpdatesEnabled: boolean; readonly disableTimelineSaveTour: boolean; readonly riskEnginePrivilegesRouteEnabled: boolean; readonly sentinelOneDataInAnalyzerEnabled: boolean; readonly sentinelOneManualHostActionsEnabled: boolean; readonly crowdstrikeDataInAnalyzerEnabled: boolean; readonly jamfDataInAnalyzerEnabled: boolean; readonly timelineEsqlTabDisabled: boolean; readonly unifiedComponentsInTimelineDisabled: boolean; readonly analyzerDatePickersAndSourcererDisabled: boolean; readonly prebuiltRulesCustomizationEnabled: boolean; readonly malwareOnWriteScanOptionAvailable: boolean; readonly unifiedManifestEnabled: boolean; readonly valueListItemsModalEnabled: boolean; readonly manualRuleRunEnabled: boolean; readonly filterProcessDescendantsForEventFiltersEnabled: boolean; readonly dataIngestionHubEnabled: boolean; readonly entityStoreEnabled: boolean; }" + "{ readonly excludePoliciesInFilterEnabled: boolean; readonly kubernetesEnabled: boolean; readonly donutChartEmbeddablesEnabled: boolean; readonly previewTelemetryUrlEnabled: boolean; readonly extendedRuleExecutionLoggingEnabled: boolean; readonly socTrendsEnabled: boolean; readonly responseActionUploadEnabled: boolean; readonly automatedProcessActionsEnabled: boolean; readonly automatedResponseActionsForMoreRulesEnabled: boolean; readonly responseActionsSentinelOneV1Enabled: boolean; readonly responseActionsSentinelOneV2Enabled: boolean; readonly responseActionsSentinelOneGetFileEnabled: boolean; readonly responseActionsSentinelOneKillProcessEnabled: boolean; readonly responseActionsSentinelOneProcessesEnabled: boolean; readonly responseActionsCrowdstrikeManualHostIsolationEnabled: boolean; readonly endpointManagementSpaceAwarenessEnabled: boolean; readonly securitySolutionNotesEnabled: boolean; readonly entityAlertPreviewDisabled: boolean; readonly assistantModelEvaluation: boolean; readonly assistantKnowledgeBaseByDefault: boolean; readonly assistantBedrockChat: boolean; readonly assistantNaturalLanguageESQLTool: boolean; readonly newUserDetailsFlyoutManagedUser: boolean; readonly riskScoringPersistence: boolean; readonly riskScoringRoutesEnabled: boolean; readonly esqlRulesDisabled: boolean; readonly loggingRequestsEnabled: boolean; readonly protectionUpdatesEnabled: boolean; readonly disableTimelineSaveTour: boolean; readonly riskEnginePrivilegesRouteEnabled: boolean; readonly sentinelOneDataInAnalyzerEnabled: boolean; readonly sentinelOneManualHostActionsEnabled: boolean; readonly crowdstrikeDataInAnalyzerEnabled: boolean; readonly jamfDataInAnalyzerEnabled: boolean; readonly timelineEsqlTabDisabled: boolean; readonly unifiedComponentsInTimelineDisabled: boolean; readonly analyzerDatePickersAndSourcererDisabled: boolean; readonly visualizationInFlyoutEnabled: boolean; readonly prebuiltRulesCustomizationEnabled: boolean; readonly malwareOnWriteScanOptionAvailable: boolean; readonly unifiedManifestEnabled: boolean; readonly valueListItemsModalEnabled: boolean; readonly manualRuleRunEnabled: boolean; readonly filterProcessDescendantsForEventFiltersEnabled: boolean; readonly dataIngestionHubEnabled: boolean; readonly entityStoreEnabled: boolean; }" ], "path": "x-pack/plugins/security_solution/server/plugin_contract.ts", "deprecated": false, @@ -3275,7 +3275,7 @@ "label": "ExperimentalFeatures", "description": [], "signature": [ - "{ readonly excludePoliciesInFilterEnabled: boolean; readonly kubernetesEnabled: boolean; readonly donutChartEmbeddablesEnabled: boolean; readonly previewTelemetryUrlEnabled: boolean; readonly extendedRuleExecutionLoggingEnabled: boolean; readonly socTrendsEnabled: boolean; readonly responseActionUploadEnabled: boolean; readonly automatedProcessActionsEnabled: boolean; readonly automatedResponseActionsForMoreRulesEnabled: boolean; readonly responseActionsSentinelOneV1Enabled: boolean; readonly responseActionsSentinelOneV2Enabled: boolean; readonly responseActionsSentinelOneGetFileEnabled: boolean; readonly responseActionsSentinelOneKillProcessEnabled: boolean; readonly responseActionsSentinelOneProcessesEnabled: boolean; readonly responseActionsCrowdstrikeManualHostIsolationEnabled: boolean; readonly securitySolutionNotesEnabled: boolean; readonly entityAlertPreviewDisabled: boolean; readonly assistantModelEvaluation: boolean; readonly assistantKnowledgeBaseByDefault: boolean; readonly assistantBedrockChat: boolean; readonly assistantNaturalLanguageESQLTool: boolean; readonly newUserDetailsFlyoutManagedUser: boolean; readonly riskScoringPersistence: boolean; readonly riskScoringRoutesEnabled: boolean; readonly esqlRulesDisabled: boolean; readonly protectionUpdatesEnabled: boolean; readonly disableTimelineSaveTour: boolean; readonly riskEnginePrivilegesRouteEnabled: boolean; readonly sentinelOneDataInAnalyzerEnabled: boolean; readonly sentinelOneManualHostActionsEnabled: boolean; readonly crowdstrikeDataInAnalyzerEnabled: boolean; readonly jamfDataInAnalyzerEnabled: boolean; readonly timelineEsqlTabDisabled: boolean; readonly unifiedComponentsInTimelineDisabled: boolean; readonly analyzerDatePickersAndSourcererDisabled: boolean; readonly prebuiltRulesCustomizationEnabled: boolean; readonly malwareOnWriteScanOptionAvailable: boolean; readonly unifiedManifestEnabled: boolean; readonly valueListItemsModalEnabled: boolean; readonly manualRuleRunEnabled: boolean; readonly filterProcessDescendantsForEventFiltersEnabled: boolean; readonly dataIngestionHubEnabled: boolean; readonly entityStoreEnabled: boolean; }" + "{ readonly excludePoliciesInFilterEnabled: boolean; readonly kubernetesEnabled: boolean; readonly donutChartEmbeddablesEnabled: boolean; readonly previewTelemetryUrlEnabled: boolean; readonly extendedRuleExecutionLoggingEnabled: boolean; readonly socTrendsEnabled: boolean; readonly responseActionUploadEnabled: boolean; readonly automatedProcessActionsEnabled: boolean; readonly automatedResponseActionsForMoreRulesEnabled: boolean; readonly responseActionsSentinelOneV1Enabled: boolean; readonly responseActionsSentinelOneV2Enabled: boolean; readonly responseActionsSentinelOneGetFileEnabled: boolean; readonly responseActionsSentinelOneKillProcessEnabled: boolean; readonly responseActionsSentinelOneProcessesEnabled: boolean; readonly responseActionsCrowdstrikeManualHostIsolationEnabled: boolean; readonly endpointManagementSpaceAwarenessEnabled: boolean; readonly securitySolutionNotesEnabled: boolean; readonly entityAlertPreviewDisabled: boolean; readonly assistantModelEvaluation: boolean; readonly assistantKnowledgeBaseByDefault: boolean; readonly assistantBedrockChat: boolean; readonly assistantNaturalLanguageESQLTool: boolean; readonly newUserDetailsFlyoutManagedUser: boolean; readonly riskScoringPersistence: boolean; readonly riskScoringRoutesEnabled: boolean; readonly esqlRulesDisabled: boolean; readonly loggingRequestsEnabled: boolean; readonly protectionUpdatesEnabled: boolean; readonly disableTimelineSaveTour: boolean; readonly riskEnginePrivilegesRouteEnabled: boolean; readonly sentinelOneDataInAnalyzerEnabled: boolean; readonly sentinelOneManualHostActionsEnabled: boolean; readonly crowdstrikeDataInAnalyzerEnabled: boolean; readonly jamfDataInAnalyzerEnabled: boolean; readonly timelineEsqlTabDisabled: boolean; readonly unifiedComponentsInTimelineDisabled: boolean; readonly analyzerDatePickersAndSourcererDisabled: boolean; readonly visualizationInFlyoutEnabled: boolean; readonly prebuiltRulesCustomizationEnabled: boolean; readonly malwareOnWriteScanOptionAvailable: boolean; readonly unifiedManifestEnabled: boolean; readonly valueListItemsModalEnabled: boolean; readonly manualRuleRunEnabled: boolean; readonly filterProcessDescendantsForEventFiltersEnabled: boolean; readonly dataIngestionHubEnabled: boolean; readonly entityStoreEnabled: boolean; }" ], "path": "x-pack/plugins/security_solution/common/experimental_features.ts", "deprecated": false, @@ -3341,7 +3341,7 @@ "\nA list of allowed values that can be used in `xpack.securitySolution.enableExperimental`.\nThis object is then used to validate and parse the value entered." ], "signature": [ - "{ readonly excludePoliciesInFilterEnabled: false; readonly kubernetesEnabled: true; readonly donutChartEmbeddablesEnabled: false; readonly previewTelemetryUrlEnabled: false; readonly extendedRuleExecutionLoggingEnabled: false; readonly socTrendsEnabled: false; readonly responseActionUploadEnabled: true; readonly automatedProcessActionsEnabled: true; readonly automatedResponseActionsForMoreRulesEnabled: false; readonly responseActionsSentinelOneV1Enabled: true; readonly responseActionsSentinelOneV2Enabled: true; readonly responseActionsSentinelOneGetFileEnabled: true; readonly responseActionsSentinelOneKillProcessEnabled: true; readonly responseActionsSentinelOneProcessesEnabled: true; readonly responseActionsCrowdstrikeManualHostIsolationEnabled: true; readonly securitySolutionNotesEnabled: false; readonly entityAlertPreviewDisabled: false; readonly assistantModelEvaluation: false; readonly assistantKnowledgeBaseByDefault: false; readonly assistantBedrockChat: true; readonly assistantNaturalLanguageESQLTool: false; readonly newUserDetailsFlyoutManagedUser: false; readonly riskScoringPersistence: true; readonly riskScoringRoutesEnabled: true; readonly esqlRulesDisabled: false; readonly protectionUpdatesEnabled: true; readonly disableTimelineSaveTour: false; readonly riskEnginePrivilegesRouteEnabled: true; readonly sentinelOneDataInAnalyzerEnabled: true; readonly sentinelOneManualHostActionsEnabled: true; readonly crowdstrikeDataInAnalyzerEnabled: true; readonly jamfDataInAnalyzerEnabled: true; readonly timelineEsqlTabDisabled: false; readonly unifiedComponentsInTimelineDisabled: false; readonly analyzerDatePickersAndSourcererDisabled: false; readonly prebuiltRulesCustomizationEnabled: false; readonly malwareOnWriteScanOptionAvailable: true; readonly unifiedManifestEnabled: true; readonly valueListItemsModalEnabled: true; readonly manualRuleRunEnabled: false; readonly filterProcessDescendantsForEventFiltersEnabled: true; readonly dataIngestionHubEnabled: false; readonly entityStoreEnabled: false; }" + "{ readonly excludePoliciesInFilterEnabled: false; readonly kubernetesEnabled: true; readonly donutChartEmbeddablesEnabled: false; readonly previewTelemetryUrlEnabled: false; readonly extendedRuleExecutionLoggingEnabled: false; readonly socTrendsEnabled: false; readonly responseActionUploadEnabled: true; readonly automatedProcessActionsEnabled: true; readonly automatedResponseActionsForMoreRulesEnabled: false; readonly responseActionsSentinelOneV1Enabled: true; readonly responseActionsSentinelOneV2Enabled: true; readonly responseActionsSentinelOneGetFileEnabled: true; readonly responseActionsSentinelOneKillProcessEnabled: true; readonly responseActionsSentinelOneProcessesEnabled: true; readonly responseActionsCrowdstrikeManualHostIsolationEnabled: true; readonly endpointManagementSpaceAwarenessEnabled: false; readonly securitySolutionNotesEnabled: false; readonly entityAlertPreviewDisabled: false; readonly assistantModelEvaluation: false; readonly assistantKnowledgeBaseByDefault: false; readonly assistantBedrockChat: true; readonly assistantNaturalLanguageESQLTool: false; readonly newUserDetailsFlyoutManagedUser: false; readonly riskScoringPersistence: true; readonly riskScoringRoutesEnabled: true; readonly esqlRulesDisabled: false; readonly loggingRequestsEnabled: false; readonly protectionUpdatesEnabled: true; readonly disableTimelineSaveTour: false; readonly riskEnginePrivilegesRouteEnabled: true; readonly sentinelOneDataInAnalyzerEnabled: true; readonly sentinelOneManualHostActionsEnabled: true; readonly crowdstrikeDataInAnalyzerEnabled: true; readonly jamfDataInAnalyzerEnabled: true; readonly timelineEsqlTabDisabled: false; readonly unifiedComponentsInTimelineDisabled: false; readonly analyzerDatePickersAndSourcererDisabled: false; readonly visualizationInFlyoutEnabled: false; readonly prebuiltRulesCustomizationEnabled: false; readonly malwareOnWriteScanOptionAvailable: true; readonly unifiedManifestEnabled: true; readonly valueListItemsModalEnabled: true; readonly manualRuleRunEnabled: false; readonly filterProcessDescendantsForEventFiltersEnabled: true; readonly dataIngestionHubEnabled: false; readonly entityStoreEnabled: false; }" ], "path": "x-pack/plugins/security_solution/common/experimental_features.ts", "deprecated": false, diff --git a/api_docs/security_solution.mdx b/api_docs/security_solution.mdx index dd33b632b8d0a..7e88952aedb10 100644 --- a/api_docs/security_solution.mdx +++ b/api_docs/security_solution.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/securitySolution title: "securitySolution" image: https://source.unsplash.com/400x175/?github description: API docs for the securitySolution plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'securitySolution'] --- import securitySolutionObj from './security_solution.devdocs.json'; diff --git a/api_docs/security_solution_ess.mdx b/api_docs/security_solution_ess.mdx index 9801ba681ebfe..acf6df88eecd4 100644 --- a/api_docs/security_solution_ess.mdx +++ b/api_docs/security_solution_ess.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/securitySolutionEss title: "securitySolutionEss" image: https://source.unsplash.com/400x175/?github description: API docs for the securitySolutionEss plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'securitySolutionEss'] --- import securitySolutionEssObj from './security_solution_ess.devdocs.json'; diff --git a/api_docs/security_solution_serverless.mdx b/api_docs/security_solution_serverless.mdx index 9f044c4d13023..7f89d9bbbea79 100644 --- a/api_docs/security_solution_serverless.mdx +++ b/api_docs/security_solution_serverless.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/securitySolutionServerless title: "securitySolutionServerless" image: https://source.unsplash.com/400x175/?github description: API docs for the securitySolutionServerless plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'securitySolutionServerless'] --- import securitySolutionServerlessObj from './security_solution_serverless.devdocs.json'; diff --git a/api_docs/serverless.mdx b/api_docs/serverless.mdx index afff3efda9ad9..6bd064b11f2e9 100644 --- a/api_docs/serverless.mdx +++ b/api_docs/serverless.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/serverless title: "serverless" image: https://source.unsplash.com/400x175/?github description: API docs for the serverless plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'serverless'] --- import serverlessObj from './serverless.devdocs.json'; diff --git a/api_docs/serverless_observability.mdx b/api_docs/serverless_observability.mdx index e6871a1543a4e..75b78d6919403 100644 --- a/api_docs/serverless_observability.mdx +++ b/api_docs/serverless_observability.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/serverlessObservability title: "serverlessObservability" image: https://source.unsplash.com/400x175/?github description: API docs for the serverlessObservability plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'serverlessObservability'] --- import serverlessObservabilityObj from './serverless_observability.devdocs.json'; diff --git a/api_docs/serverless_search.mdx b/api_docs/serverless_search.mdx index 83258dec5ca8e..a81bdfb064957 100644 --- a/api_docs/serverless_search.mdx +++ b/api_docs/serverless_search.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/serverlessSearch title: "serverlessSearch" image: https://source.unsplash.com/400x175/?github description: API docs for the serverlessSearch plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'serverlessSearch'] --- import serverlessSearchObj from './serverless_search.devdocs.json'; diff --git a/api_docs/session_view.mdx b/api_docs/session_view.mdx index 156d5cb010e00..fc4ea3738486c 100644 --- a/api_docs/session_view.mdx +++ b/api_docs/session_view.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/sessionView title: "sessionView" image: https://source.unsplash.com/400x175/?github description: API docs for the sessionView plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'sessionView'] --- import sessionViewObj from './session_view.devdocs.json'; diff --git a/api_docs/share.mdx b/api_docs/share.mdx index 046c5756fc8ac..cea50918cd223 100644 --- a/api_docs/share.mdx +++ b/api_docs/share.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/share title: "share" image: https://source.unsplash.com/400x175/?github description: API docs for the share plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'share'] --- import shareObj from './share.devdocs.json'; diff --git a/api_docs/slo.mdx b/api_docs/slo.mdx index 429b93bf87257..61db3de922873 100644 --- a/api_docs/slo.mdx +++ b/api_docs/slo.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/slo title: "slo" image: https://source.unsplash.com/400x175/?github description: API docs for the slo plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'slo'] --- import sloObj from './slo.devdocs.json'; diff --git a/api_docs/snapshot_restore.mdx b/api_docs/snapshot_restore.mdx index 4a7647ee1aea5..4f75d10d318a8 100644 --- a/api_docs/snapshot_restore.mdx +++ b/api_docs/snapshot_restore.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/snapshotRestore title: "snapshotRestore" image: https://source.unsplash.com/400x175/?github description: API docs for the snapshotRestore plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'snapshotRestore'] --- import snapshotRestoreObj from './snapshot_restore.devdocs.json'; diff --git a/api_docs/spaces.mdx b/api_docs/spaces.mdx index b2bf462c7558f..e878688b719db 100644 --- a/api_docs/spaces.mdx +++ b/api_docs/spaces.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/spaces title: "spaces" image: https://source.unsplash.com/400x175/?github description: API docs for the spaces plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'spaces'] --- import spacesObj from './spaces.devdocs.json'; diff --git a/api_docs/stack_alerts.mdx b/api_docs/stack_alerts.mdx index 746e80d55123a..e06c7713ef821 100644 --- a/api_docs/stack_alerts.mdx +++ b/api_docs/stack_alerts.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/stackAlerts title: "stackAlerts" image: https://source.unsplash.com/400x175/?github description: API docs for the stackAlerts plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'stackAlerts'] --- import stackAlertsObj from './stack_alerts.devdocs.json'; diff --git a/api_docs/stack_connectors.mdx b/api_docs/stack_connectors.mdx index 53f753faf7164..a4b0b1d830fde 100644 --- a/api_docs/stack_connectors.mdx +++ b/api_docs/stack_connectors.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/stackConnectors title: "stackConnectors" image: https://source.unsplash.com/400x175/?github description: API docs for the stackConnectors plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'stackConnectors'] --- import stackConnectorsObj from './stack_connectors.devdocs.json'; diff --git a/api_docs/task_manager.mdx b/api_docs/task_manager.mdx index f96eb54d5b787..e096a9a005dcb 100644 --- a/api_docs/task_manager.mdx +++ b/api_docs/task_manager.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/taskManager title: "taskManager" image: https://source.unsplash.com/400x175/?github description: API docs for the taskManager plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'taskManager'] --- import taskManagerObj from './task_manager.devdocs.json'; diff --git a/api_docs/telemetry.mdx b/api_docs/telemetry.mdx index cbb61979b9db6..b7a85bb64fbe2 100644 --- a/api_docs/telemetry.mdx +++ b/api_docs/telemetry.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/telemetry title: "telemetry" image: https://source.unsplash.com/400x175/?github description: API docs for the telemetry plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'telemetry'] --- import telemetryObj from './telemetry.devdocs.json'; diff --git a/api_docs/telemetry_collection_manager.mdx b/api_docs/telemetry_collection_manager.mdx index c454fb6f87a9e..25b1ff709bedf 100644 --- a/api_docs/telemetry_collection_manager.mdx +++ b/api_docs/telemetry_collection_manager.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/telemetryCollectionManager title: "telemetryCollectionManager" image: https://source.unsplash.com/400x175/?github description: API docs for the telemetryCollectionManager plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'telemetryCollectionManager'] --- import telemetryCollectionManagerObj from './telemetry_collection_manager.devdocs.json'; diff --git a/api_docs/telemetry_collection_xpack.mdx b/api_docs/telemetry_collection_xpack.mdx index a3f15638b1faf..199d608420efd 100644 --- a/api_docs/telemetry_collection_xpack.mdx +++ b/api_docs/telemetry_collection_xpack.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/telemetryCollectionXpack title: "telemetryCollectionXpack" image: https://source.unsplash.com/400x175/?github description: API docs for the telemetryCollectionXpack plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'telemetryCollectionXpack'] --- import telemetryCollectionXpackObj from './telemetry_collection_xpack.devdocs.json'; diff --git a/api_docs/telemetry_management_section.mdx b/api_docs/telemetry_management_section.mdx index 86c536a6ea0ae..815a6b8974690 100644 --- a/api_docs/telemetry_management_section.mdx +++ b/api_docs/telemetry_management_section.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/telemetryManagementSection title: "telemetryManagementSection" image: https://source.unsplash.com/400x175/?github description: API docs for the telemetryManagementSection plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'telemetryManagementSection'] --- import telemetryManagementSectionObj from './telemetry_management_section.devdocs.json'; diff --git a/api_docs/threat_intelligence.mdx b/api_docs/threat_intelligence.mdx index 0345d9b86b24e..de406fb22c6d9 100644 --- a/api_docs/threat_intelligence.mdx +++ b/api_docs/threat_intelligence.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/threatIntelligence title: "threatIntelligence" image: https://source.unsplash.com/400x175/?github description: API docs for the threatIntelligence plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'threatIntelligence'] --- import threatIntelligenceObj from './threat_intelligence.devdocs.json'; diff --git a/api_docs/timelines.mdx b/api_docs/timelines.mdx index be6441092a53a..d4bbc4707ce05 100644 --- a/api_docs/timelines.mdx +++ b/api_docs/timelines.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/timelines title: "timelines" image: https://source.unsplash.com/400x175/?github description: API docs for the timelines plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'timelines'] --- import timelinesObj from './timelines.devdocs.json'; diff --git a/api_docs/transform.mdx b/api_docs/transform.mdx index ed1a6889a4a85..39147e5378e60 100644 --- a/api_docs/transform.mdx +++ b/api_docs/transform.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/transform title: "transform" image: https://source.unsplash.com/400x175/?github description: API docs for the transform plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'transform'] --- import transformObj from './transform.devdocs.json'; diff --git a/api_docs/triggers_actions_ui.mdx b/api_docs/triggers_actions_ui.mdx index 7bd9c10a5316b..083bda21eb2d1 100644 --- a/api_docs/triggers_actions_ui.mdx +++ b/api_docs/triggers_actions_ui.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/triggersActionsUi title: "triggersActionsUi" image: https://source.unsplash.com/400x175/?github description: API docs for the triggersActionsUi plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'triggersActionsUi'] --- import triggersActionsUiObj from './triggers_actions_ui.devdocs.json'; diff --git a/api_docs/ui_actions.mdx b/api_docs/ui_actions.mdx index c7c53fd3fec38..2e6b20381c07c 100644 --- a/api_docs/ui_actions.mdx +++ b/api_docs/ui_actions.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/uiActions title: "uiActions" image: https://source.unsplash.com/400x175/?github description: API docs for the uiActions plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'uiActions'] --- import uiActionsObj from './ui_actions.devdocs.json'; diff --git a/api_docs/ui_actions_enhanced.mdx b/api_docs/ui_actions_enhanced.mdx index 9b070a43c2c0f..1ca86ba226eaa 100644 --- a/api_docs/ui_actions_enhanced.mdx +++ b/api_docs/ui_actions_enhanced.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/uiActionsEnhanced title: "uiActionsEnhanced" image: https://source.unsplash.com/400x175/?github description: API docs for the uiActionsEnhanced plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'uiActionsEnhanced'] --- import uiActionsEnhancedObj from './ui_actions_enhanced.devdocs.json'; diff --git a/api_docs/unified_doc_viewer.mdx b/api_docs/unified_doc_viewer.mdx index 8c0aeb892fb08..482e7e5576d75 100644 --- a/api_docs/unified_doc_viewer.mdx +++ b/api_docs/unified_doc_viewer.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/unifiedDocViewer title: "unifiedDocViewer" image: https://source.unsplash.com/400x175/?github description: API docs for the unifiedDocViewer plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'unifiedDocViewer'] --- import unifiedDocViewerObj from './unified_doc_viewer.devdocs.json'; diff --git a/api_docs/unified_histogram.mdx b/api_docs/unified_histogram.mdx index f2b5f1b4f69a5..4361ece3e61c3 100644 --- a/api_docs/unified_histogram.mdx +++ b/api_docs/unified_histogram.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/unifiedHistogram title: "unifiedHistogram" image: https://source.unsplash.com/400x175/?github description: API docs for the unifiedHistogram plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'unifiedHistogram'] --- import unifiedHistogramObj from './unified_histogram.devdocs.json'; diff --git a/api_docs/unified_search.mdx b/api_docs/unified_search.mdx index a5a9ddc4fbad9..b7b31034f335a 100644 --- a/api_docs/unified_search.mdx +++ b/api_docs/unified_search.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/unifiedSearch title: "unifiedSearch" image: https://source.unsplash.com/400x175/?github description: API docs for the unifiedSearch plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'unifiedSearch'] --- import unifiedSearchObj from './unified_search.devdocs.json'; diff --git a/api_docs/unified_search_autocomplete.mdx b/api_docs/unified_search_autocomplete.mdx index 063b1145c64c0..27cca2576d67c 100644 --- a/api_docs/unified_search_autocomplete.mdx +++ b/api_docs/unified_search_autocomplete.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/unifiedSearch-autocomplete title: "unifiedSearch.autocomplete" image: https://source.unsplash.com/400x175/?github description: API docs for the unifiedSearch.autocomplete plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'unifiedSearch.autocomplete'] --- import unifiedSearchAutocompleteObj from './unified_search_autocomplete.devdocs.json'; diff --git a/api_docs/uptime.mdx b/api_docs/uptime.mdx index 9604fda7ba56e..c71cf9136aad6 100644 --- a/api_docs/uptime.mdx +++ b/api_docs/uptime.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/uptime title: "uptime" image: https://source.unsplash.com/400x175/?github description: API docs for the uptime plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'uptime'] --- import uptimeObj from './uptime.devdocs.json'; diff --git a/api_docs/url_forwarding.mdx b/api_docs/url_forwarding.mdx index 411c8cd897007..c45c4af4b5fd9 100644 --- a/api_docs/url_forwarding.mdx +++ b/api_docs/url_forwarding.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/urlForwarding title: "urlForwarding" image: https://source.unsplash.com/400x175/?github description: API docs for the urlForwarding plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'urlForwarding'] --- import urlForwardingObj from './url_forwarding.devdocs.json'; diff --git a/api_docs/usage_collection.mdx b/api_docs/usage_collection.mdx index b06b0978a5d7e..73d9fd481c4bb 100644 --- a/api_docs/usage_collection.mdx +++ b/api_docs/usage_collection.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/usageCollection title: "usageCollection" image: https://source.unsplash.com/400x175/?github description: API docs for the usageCollection plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'usageCollection'] --- import usageCollectionObj from './usage_collection.devdocs.json'; diff --git a/api_docs/ux.mdx b/api_docs/ux.mdx index 0fa3933c116df..426722344bb39 100644 --- a/api_docs/ux.mdx +++ b/api_docs/ux.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/ux title: "ux" image: https://source.unsplash.com/400x175/?github description: API docs for the ux plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'ux'] --- import uxObj from './ux.devdocs.json'; diff --git a/api_docs/vis_default_editor.mdx b/api_docs/vis_default_editor.mdx index 50c6abcb515f9..8e21a32e0d1fe 100644 --- a/api_docs/vis_default_editor.mdx +++ b/api_docs/vis_default_editor.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/visDefaultEditor title: "visDefaultEditor" image: https://source.unsplash.com/400x175/?github description: API docs for the visDefaultEditor plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'visDefaultEditor'] --- import visDefaultEditorObj from './vis_default_editor.devdocs.json'; diff --git a/api_docs/vis_type_gauge.mdx b/api_docs/vis_type_gauge.mdx index c496196374271..4e681895a92be 100644 --- a/api_docs/vis_type_gauge.mdx +++ b/api_docs/vis_type_gauge.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/visTypeGauge title: "visTypeGauge" image: https://source.unsplash.com/400x175/?github description: API docs for the visTypeGauge plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'visTypeGauge'] --- import visTypeGaugeObj from './vis_type_gauge.devdocs.json'; diff --git a/api_docs/vis_type_heatmap.mdx b/api_docs/vis_type_heatmap.mdx index b29872f7d3045..7f3c0cafd870a 100644 --- a/api_docs/vis_type_heatmap.mdx +++ b/api_docs/vis_type_heatmap.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/visTypeHeatmap title: "visTypeHeatmap" image: https://source.unsplash.com/400x175/?github description: API docs for the visTypeHeatmap plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'visTypeHeatmap'] --- import visTypeHeatmapObj from './vis_type_heatmap.devdocs.json'; diff --git a/api_docs/vis_type_pie.mdx b/api_docs/vis_type_pie.mdx index fd1dc05b2342e..b223a85dcb514 100644 --- a/api_docs/vis_type_pie.mdx +++ b/api_docs/vis_type_pie.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/visTypePie title: "visTypePie" image: https://source.unsplash.com/400x175/?github description: API docs for the visTypePie plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'visTypePie'] --- import visTypePieObj from './vis_type_pie.devdocs.json'; diff --git a/api_docs/vis_type_table.mdx b/api_docs/vis_type_table.mdx index bd8202c5aba44..92ca2c666f06d 100644 --- a/api_docs/vis_type_table.mdx +++ b/api_docs/vis_type_table.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/visTypeTable title: "visTypeTable" image: https://source.unsplash.com/400x175/?github description: API docs for the visTypeTable plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'visTypeTable'] --- import visTypeTableObj from './vis_type_table.devdocs.json'; diff --git a/api_docs/vis_type_timelion.mdx b/api_docs/vis_type_timelion.mdx index 22021798f10c9..adad07c2041a7 100644 --- a/api_docs/vis_type_timelion.mdx +++ b/api_docs/vis_type_timelion.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/visTypeTimelion title: "visTypeTimelion" image: https://source.unsplash.com/400x175/?github description: API docs for the visTypeTimelion plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'visTypeTimelion'] --- import visTypeTimelionObj from './vis_type_timelion.devdocs.json'; diff --git a/api_docs/vis_type_timeseries.mdx b/api_docs/vis_type_timeseries.mdx index 90284453cbedf..6015e51eb77fb 100644 --- a/api_docs/vis_type_timeseries.mdx +++ b/api_docs/vis_type_timeseries.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/visTypeTimeseries title: "visTypeTimeseries" image: https://source.unsplash.com/400x175/?github description: API docs for the visTypeTimeseries plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'visTypeTimeseries'] --- import visTypeTimeseriesObj from './vis_type_timeseries.devdocs.json'; diff --git a/api_docs/vis_type_vega.mdx b/api_docs/vis_type_vega.mdx index d249bcf3d431e..c1a79ce86e11b 100644 --- a/api_docs/vis_type_vega.mdx +++ b/api_docs/vis_type_vega.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/visTypeVega title: "visTypeVega" image: https://source.unsplash.com/400x175/?github description: API docs for the visTypeVega plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'visTypeVega'] --- import visTypeVegaObj from './vis_type_vega.devdocs.json'; diff --git a/api_docs/vis_type_vislib.mdx b/api_docs/vis_type_vislib.mdx index e39fb35c7ca7e..596e91ecb0594 100644 --- a/api_docs/vis_type_vislib.mdx +++ b/api_docs/vis_type_vislib.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/visTypeVislib title: "visTypeVislib" image: https://source.unsplash.com/400x175/?github description: API docs for the visTypeVislib plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'visTypeVislib'] --- import visTypeVislibObj from './vis_type_vislib.devdocs.json'; diff --git a/api_docs/vis_type_xy.mdx b/api_docs/vis_type_xy.mdx index bdd1dc74670f2..108c46cbc03b0 100644 --- a/api_docs/vis_type_xy.mdx +++ b/api_docs/vis_type_xy.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/visTypeXy title: "visTypeXy" image: https://source.unsplash.com/400x175/?github description: API docs for the visTypeXy plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'visTypeXy'] --- import visTypeXyObj from './vis_type_xy.devdocs.json'; diff --git a/api_docs/visualizations.mdx b/api_docs/visualizations.mdx index 604c9238d8498..fc9c4d760ced3 100644 --- a/api_docs/visualizations.mdx +++ b/api_docs/visualizations.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/visualizations title: "visualizations" image: https://source.unsplash.com/400x175/?github description: API docs for the visualizations plugin -date: 2024-09-19 +date: 2024-09-23 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'visualizations'] --- import visualizationsObj from './visualizations.devdocs.json'; diff --git a/dev_docs/getting_started/setting_up_a_development_env.mdx b/dev_docs/getting_started/setting_up_a_development_env.mdx index b69987a09da50..8a7980e9f45e0 100644 --- a/dev_docs/getting_started/setting_up_a_development_env.mdx +++ b/dev_docs/getting_started/setting_up_a_development_env.mdx @@ -109,6 +109,7 @@ Kibana also supports using a [dev container](https://containers.dev/) which can 1. You should see the Kibana repo and your terminal will be inside the container. You can develop as normal now, including running `yarn es` from inside the container. ### Customizing the Dev Container + Installing any extra extensions or making adjustments to the OS environment inside the container will not have an effect on your local OS or VS Code installation. Editing the `devcontainer.json` or `.devcontainer/Dockerfile` should be reserved for changes to all dev environments. ### FIPS Mode @@ -116,4 +117,9 @@ Installing any extra extensions or making adjustments to the OS environment insi The dev container is pre-configured to run Kibana in FIPS mode if needed. Simply change the `.env` file to `FIPS=1` and reopen your terminal. There should be a log message in your terminal which indicates `FIPS mode enabled`. ### Troubleshooting -- Sometimes when rebuilding the container, there will be an error message that it failed. Usually hitting retry will fix this, and is only related to VS Code trying to reconnect to the container too quickly. \ No newline at end of file + +- Sometimes when rebuilding the container, there will be an error message that it failed. Usually hitting retry will fix this, and is only related to VS Code trying to reconnect to the container too quickly. + +### Limitations + +- Git worktrees are not supported when using the repo from the Local Filesystem. [VSCode issue](https://github.com/microsoft/vscode/issues/68038) for tracking, and a possible workaround though it is untested. \ No newline at end of file diff --git a/docs/developer/plugin-list.asciidoc b/docs/developer/plugin-list.asciidoc index 38fc136ef1fac..55a2a19040aec 100644 --- a/docs/developer/plugin-list.asciidoc +++ b/docs/developer/plugin-list.asciidoc @@ -536,6 +536,10 @@ Plugin server-side only. Plugin has three main functions: |In order to make ongoing maintenance of log collection easy we want to introduce the concept of data set quality, where users can easily get an overview on the data sets they have with information such as integration, size, last activity, among others. +|{kib-repo}blob/{branch}/x-pack/plugins/data_usage/README.md[dataUsage] +|Serverless only plugin for users to view data usage + + |{kib-repo}blob/{branch}/x-pack/plugins/data_visualizer/README.md[dataVisualizer] |The data_visualizer plugin enables you to explore the fields in your data. diff --git a/docs/playground/playground-query.asciidoc b/docs/playground/playground-query.asciidoc index 9a3f34e800017..0d98e13204284 100644 --- a/docs/playground/playground-query.asciidoc +++ b/docs/playground/playground-query.asciidoc @@ -12,7 +12,6 @@ The {x} UI enables you to view and modify these queries. * Click *View query* to open the visual query editor. * Modify the query by selecting fields to query per index. -* Click *Save changes*. [TIP] ==== diff --git a/docs/user/dashboard/images/dashboard_filter_pills_8.15.0.png b/docs/user/dashboard/images/dashboard_filter_pills_8.15.0.png new file mode 100644 index 0000000000000..220640ceaf41c Binary files /dev/null and b/docs/user/dashboard/images/dashboard_filter_pills_8.15.0.png differ diff --git a/docs/user/dashboard/use-dashboards.asciidoc b/docs/user/dashboard/use-dashboards.asciidoc index 32ae52d3a512d..1baa7d49ab8f8 100644 --- a/docs/user/dashboard/use-dashboards.asciidoc +++ b/docs/user/dashboard/use-dashboards.asciidoc @@ -78,6 +78,9 @@ The *Exists* query returns all documents that contain an indexed value for the f . To display only the options you selected in the dropdown, click image:images/dashboard_showOnlySelectedOptions_8.3.0.png[The icon to display only the options you have selected in the Options list]. +[role="screenshot"] +image::images/dashboard_controlsOptionsList_8.7.0.png[Options list control] + [float] [[filter-the-data-with-range-slider-controls]] ==== Filter the data with Range slider controls @@ -91,6 +94,9 @@ The dashboard displays only the data for the range of values you specified. . To clear the specified values, click image:images/dashboard_controlsClearSelections_8.3.0.png[The icon to clear all specified values in the Range slider]. +[role="screenshot"] +image::images/dashboard_controlsRangeSlider_8.3.0.png[Range slider control] + [float] [[filter-the-data-with-time-slider-controls]] ==== Filter the data with time slider controls @@ -106,9 +112,17 @@ Filter the data within a specified range of time. . To clear the specified values, click image:images/dashboard_controlsClearSelections_8.3.0.png[The icon to clear all specified values in the Range slider]. +[role="screenshot"] +image::images/dashboard_timeSliderControl_8.7.0.gif[Time slider control] + [float] === Use filter pills +Use filter pills to focus in on the specific data you want. + +[role="screenshot"] +image::images/dashboard_filter_pills_8.15.0.png[Filter pills, width=50%] + [float] ==== Add pills by interacting with visualizations diff --git a/docs/user/reporting/images/embed-code-public-url.png b/docs/user/reporting/images/embed-code-public-url.png deleted file mode 100644 index 4ecd6c47122d1..0000000000000 Binary files a/docs/user/reporting/images/embed-code-public-url.png and /dev/null differ diff --git a/docs/user/reporting/images/permalink-public-url.png b/docs/user/reporting/images/permalink-public-url.png deleted file mode 100644 index 93e7482a16c2b..0000000000000 Binary files a/docs/user/reporting/images/permalink-public-url.png and /dev/null differ diff --git a/docs/user/reporting/index.asciidoc b/docs/user/reporting/index.asciidoc index 03352865e616c..5f09ed6907c1f 100644 --- a/docs/user/reporting/index.asciidoc +++ b/docs/user/reporting/index.asciidoc @@ -7,37 +7,40 @@ :frontmatter-description: {kib} provides you with several options to share *Discover* saved searches, dashboards, *Visualize Library* visualizations, and *Canvas* workpads with others, or on a website. :frontmatter-tags-products: [kibana] -{kib} provides you with several options to share *Discover* saved searches, dashboards, *Visualize Library* visualizations, and *Canvas* workpads. +{kib} provides you with several options to share *Discover* saved searches, dashboards, *Visualize Library* visualizations, and *Canvas* workpads. These sharing options are available from the *Share* menu in the toolbar. -You access the options from the *Share* menu in the toolbar. The sharing options include the following: +[float] +[[share-a-direct-link]] +== Share with a direct link -* *PDF Reports* — Generate and download PDF files of dashboards, visualizations, and *Canvas* workpads. PDF reports are a link:https://www.elastic.co/subscriptions[subscription feature]. +You can share direct links to saved searches, dashboards, and visualizations. When clicking **Share**, look for the **Links** tab to get the shareable link and copy it. -* *PNG Reports* — Generate and download PNG files of dashboards and visualizations. PNG reports are a link:https://www.elastic.co/subscriptions[subscription feature]. +TIP: When sharing an object with unsaved changes, you get a temporary link that might break in the future, for example in case of upgrade. Save the object to get a permanent link instead. -* *CSV Reports* — Generate CSV reports of saved searches. <>. +To access the object shared with the link, users need to authenticate. -* *CSV Download* — Generate and download CSV files of *Lens* visualizations. +Anonymous users can also access the link if you have configured <> and your anonymous service account has privileges to access what you want to share. -* *Get links* — Share direct links to saved searches, dashboards, and visualizations. +image::https://images.contentstack.io/v3/assets/bltefdd0b53724fa2ce/blt49f2b5a80ec89a34/66b9e919af508f4ac182c194/share-dashboard.gif[getting a shareable link for a dashboard] -* *Download as JSON* — Generate and download JSON files of *Canvas* workpads. +[float] +[[manually-generate-reports]] +== Export as a file -* beta[] *Share on a website* — Download and securely share *Canvas* workpads on any website. +NOTE: For more information on how to configure reporting in {kib}, refer to <> -* *Embed code* — Embed fully interactive dashboards as an iframe on web pages. +Create and download PDF, PNG, or CSV reports of saved searches, dashboards, visualizations, and workpads. -[[reporting-on-cloud-resource-requirements]] -NOTE: For Elastic Cloud deployments, {kib} instances require a minimum of 2GB RAM to generate PDF or PNG reports. To -change {kib} sizing, {ess-console}[edit the deployment]. +* *PDF* — Generate and download PDF files of dashboards, visualizations, and *Canvas* workpads. PDF reports are a link:https://www.elastic.co/subscriptions[subscription feature]. -For more information on how to configure reporting in {kib}, refer to <> +* *PNG* — Generate and download PNG files of dashboards and visualizations. PNG reports are a link:https://www.elastic.co/subscriptions[subscription feature]. -[float] -[[manually-generate-reports]] -== Create reports +* *CSV Reports* — Generate CSV reports of saved searches. <>. + +* *CSV Download* — Generate and download CSV files of *Lens* visualizations. + +* *Download as JSON* — Generate and download JSON files of *Canvas* workpads. -Create and download PDF, PNG, or CSV reports of saved searches, dashboards, visualizations, and workpads. [[reporting-layout-sizing]] The layout and size of the report depends on what you are sharing. @@ -55,17 +58,19 @@ image::user/reporting/images/shareable-container.png["Shareable Container"] . From the toolbar, click *Share*, then select the report option. -* If you are creating dashboard PDFs, select *Optimize for printing* to create printer-friendly PDFs with multiple A4 portrait pages and two visualizations per page. +* If you are creating dashboard PDFs, select *For printing* to create printer-friendly PDFs with multiple A4 portrait pages and two visualizations per page. + NOTE: When you create a dashboard report that includes a data table or saved search, the PDF includes only the visible data. * If you are creating workpad PDFs, select *Full page layout* to create PDFs without margins that surround the workpad. -. Generate the report. +. Generate the report by clicking **Export file**, **Generate CSV**, or **Generate PDF**, depending on the object you want to export. ++ +NOTE: You can use the *Copy POST URL* option instead to generate the report from outside Kibana or from Watcher. -. When the report generates, a message appears. On the message, click **Download report**. +. A message appears, indicating that the report is in the export queue. -. To view and manage reports, open the main menu, then click *Stack Management > Reporting*. +You can then download it from that message, or go to the *Stack Management > Reporting* page to view and access all of your reports. NOTE: In "stateful" deployments, reports are stored in {es} and managed by the `kibana-reporting` {ilm} ({ilm-init}) policy. By default, the policy stores reports forever. To learn more about {ilm-init} policies, refer @@ -83,33 +88,6 @@ include::reporting-csv-limitations.asciidoc[] include::reporting-pdf-limitations.asciidoc[] -[float] -[[share-a-direct-link]] -== Share direct links - -Create and share direct links to saved searches, dashboards, and visualizations. To access the shared object, authentication is required. - -. Open the main menu, then open the saved search, dashboard, or visualization you want to share. - -. From the toolbar, click *Share*, then select *Get links*. - -. Specify how you want to generate the link: - -* To display only the current state of the object, select *Snapshot*. - -* To display up-to-date changes, select *Saved object*. - -* To generate a shortened link, select *Short URL*. - -* To automatically log in anonymous users when you have multiple authentication providers enabled, select *Public URL*. -+ -[role="screenshot"] -image::images/permalink-public-url.png[Permalink share menu with Public URL option highlighted] -+ -NOTE: *Public URL* is available only when anonymous access is configured and your anonymous service account has privileges to access what you want to share. For more information, refer to <>. - -. Click *Copy link*. - [float] [[download-as-json]] == Create JSON files @@ -122,6 +100,18 @@ Create and share JSON files for workpads. . From the toolbar, click *Share*, then select *Download as JSON*. +[float] +== Embed outside of {kib} + +* beta[] *Share on a website* — Download and securely share *Canvas* workpads on any website. + +* *Embed code* — Embed fully interactive dashboards as an iframe on web pages. + +[[reporting-on-cloud-resource-requirements]] +NOTE: For Elastic Cloud deployments, {kib} instances require a minimum of 2GB RAM to generate PDF or PNG reports. To +change {kib} sizing, {ess-console}[edit the deployment]. + + [float] [[add-workpad-website]] == Share workpads on a website @@ -154,24 +144,12 @@ For information about granting access to embedded dashboards, refer to < Embed code*. -. Specify how you want to generate the code: - -* To display the current state, select *Snapshot*. - -* To display up-to-date changes, select *Saved object*. +. Specify which parts of the dashboard you want to include: Top menu, query, time filter, and filter bar. -* Select the dashboard components you want to share. +. Click *Copy embed code*. -* To generate a shortened link, select *Short URL*. -* To automatically log in anonymous users when you have multiple authentication providers enabled, select *Public URL*. -+ -[role="screenshot"] -image::images/embed-code-public-url.png[Embed code share menu with Public URL option highlighted] -+ -NOTE: *Public URL* is available only when anonymous access is configured and your anonymous service account has privileges to access what you want to embed. For more information, refer to <>. -. Click *Copy iFrame code*. -- diff --git a/examples/embeddable_examples/public/app/presentation_container_example/page_api.ts b/examples/embeddable_examples/public/app/presentation_container_example/page_api.ts index a2e4114bf59a8..517f0534993ef 100644 --- a/examples/embeddable_examples/public/app/presentation_container_example/page_api.ts +++ b/examples/embeddable_examples/public/app/presentation_container_example/page_api.ts @@ -198,10 +198,6 @@ export function getPageApi() { executionContext: { type: 'presentationContainerEmbeddableExample', }, - getAllDataViews: () => { - // TODO remove once dashboard converted to API and use `PublishesDataViews` interface - return []; - }, getPanelCount: () => { return panels$.value.length; }, diff --git a/examples/embeddable_examples/public/app/presentation_container_example/types.ts b/examples/embeddable_examples/public/app/presentation_container_example/types.ts index 66ac415ffebbe..c3530ba71dbcf 100644 --- a/examples/embeddable_examples/public/app/presentation_container_example/types.ts +++ b/examples/embeddable_examples/public/app/presentation_container_example/types.ts @@ -7,7 +7,6 @@ * License v3.0 only", or the "Server Side Public License, v 1". */ -import type { DataView } from '@kbn/data-views-plugin/public'; import { TimeRange } from '@kbn/es-query'; import { CanAddNewPanel, @@ -36,9 +35,7 @@ export type PageApi = PresentationContainer & PublishesViewMode & PublishesReload & PublishesTimeRange & - PublishesUnsavedChanges & { - getAllDataViews: () => DataView[]; - }; + PublishesUnsavedChanges; export interface LastSavedState { timeRange: TimeRange; diff --git a/oas_docs/bundle.json b/oas_docs/bundle.json index a523935afdbae..5fd690a2f6ceb 100644 --- a/oas_docs/bundle.json +++ b/oas_docs/bundle.json @@ -1493,6 +1493,15 @@ "responses": { "204": { "description": "Indicates a successful call." + }, + "400": { + "description": "Indicates an invalid schema or parameters." + }, + "403": { + "description": "Indicates that this call is forbidden." + }, + "404": { + "description": "Indicates a rule with the given ID does not exist." } }, "summary": "Delete a rule", @@ -2399,6 +2408,15 @@ } }, "description": "Indicates a successful call." + }, + "400": { + "description": "Indicates an invalid schema or parameters." + }, + "403": { + "description": "Indicates that this call is forbidden." + }, + "404": { + "description": "Indicates a rule with the given ID does not exist." } }, "summary": "Get rule details", @@ -3586,6 +3604,15 @@ } }, "description": "Indicates a successful call." + }, + "400": { + "description": "Indicates an invalid schema or parameters." + }, + "403": { + "description": "Indicates that this call is forbidden." + }, + "409": { + "description": "Indicates that the rule id is already in use." } }, "summary": "Create a rule", @@ -4756,6 +4783,18 @@ } }, "description": "Indicates a successful call." + }, + "400": { + "description": "Indicates an invalid schema or parameters." + }, + "403": { + "description": "Indicates that this call is forbidden." + }, + "404": { + "description": "Indicates a rule with the given ID does not exist." + }, + "409": { + "description": "Indicates that the rule has already been updated by another user." } }, "summary": "Update a rule", @@ -4821,6 +4860,15 @@ "responses": { "204": { "description": "Indicates a successful call." + }, + "400": { + "description": "Indicates an invalid schema." + }, + "403": { + "description": "Indicates that this call is forbidden." + }, + "404": { + "description": "Indicates a rule with the given ID does not exist." } }, "summary": "Disable a rule", @@ -4868,6 +4916,15 @@ "responses": { "204": { "description": "Indicates a successful call." + }, + "400": { + "description": "Indicates an invalid schema or parameters." + }, + "403": { + "description": "Indicates that this call is forbidden." + }, + "404": { + "description": "Indicates a rule with the given ID does not exist." } }, "summary": "Enable a rule", @@ -5009,6 +5066,18 @@ "responses": { "204": { "description": "Indicates a successful call." + }, + "400": { + "description": "Indicates an invalid schema or parameters." + }, + "403": { + "description": "Indicates that this call is forbidden." + }, + "404": { + "description": "Indicates a rule with the given ID does not exist." + }, + "409": { + "description": "Indicates that the rule has already been updated by another user." } }, "summary": "Update the API key for a rule", @@ -5065,6 +5134,15 @@ "responses": { "204": { "description": "Indicates a successful call." + }, + "400": { + "description": "Indicates an invalid schema or parameters." + }, + "403": { + "description": "Indicates that this call is forbidden." + }, + "404": { + "description": "Indicates a rule or alert with the given ID does not exist." } }, "summary": "Mute an alert", @@ -5121,6 +5199,15 @@ "responses": { "204": { "description": "Indicates a successful call." + }, + "400": { + "description": "Indicates an invalid schema or parameters." + }, + "403": { + "description": "Indicates that this call is forbidden." + }, + "404": { + "description": "Indicates a rule or alert with the given ID does not exist." } }, "summary": "Unmute an alert", @@ -6162,6 +6249,12 @@ } }, "description": "Indicates a successful call." + }, + "400": { + "description": "Indicates an invalid schema or parameters." + }, + "403": { + "description": "Indicates that this call is forbidden." } }, "summary": "Get information about rules", diff --git a/oas_docs/bundle.serverless.json b/oas_docs/bundle.serverless.json index a523935afdbae..5fd690a2f6ceb 100644 --- a/oas_docs/bundle.serverless.json +++ b/oas_docs/bundle.serverless.json @@ -1493,6 +1493,15 @@ "responses": { "204": { "description": "Indicates a successful call." + }, + "400": { + "description": "Indicates an invalid schema or parameters." + }, + "403": { + "description": "Indicates that this call is forbidden." + }, + "404": { + "description": "Indicates a rule with the given ID does not exist." } }, "summary": "Delete a rule", @@ -2399,6 +2408,15 @@ } }, "description": "Indicates a successful call." + }, + "400": { + "description": "Indicates an invalid schema or parameters." + }, + "403": { + "description": "Indicates that this call is forbidden." + }, + "404": { + "description": "Indicates a rule with the given ID does not exist." } }, "summary": "Get rule details", @@ -3586,6 +3604,15 @@ } }, "description": "Indicates a successful call." + }, + "400": { + "description": "Indicates an invalid schema or parameters." + }, + "403": { + "description": "Indicates that this call is forbidden." + }, + "409": { + "description": "Indicates that the rule id is already in use." } }, "summary": "Create a rule", @@ -4756,6 +4783,18 @@ } }, "description": "Indicates a successful call." + }, + "400": { + "description": "Indicates an invalid schema or parameters." + }, + "403": { + "description": "Indicates that this call is forbidden." + }, + "404": { + "description": "Indicates a rule with the given ID does not exist." + }, + "409": { + "description": "Indicates that the rule has already been updated by another user." } }, "summary": "Update a rule", @@ -4821,6 +4860,15 @@ "responses": { "204": { "description": "Indicates a successful call." + }, + "400": { + "description": "Indicates an invalid schema." + }, + "403": { + "description": "Indicates that this call is forbidden." + }, + "404": { + "description": "Indicates a rule with the given ID does not exist." } }, "summary": "Disable a rule", @@ -4868,6 +4916,15 @@ "responses": { "204": { "description": "Indicates a successful call." + }, + "400": { + "description": "Indicates an invalid schema or parameters." + }, + "403": { + "description": "Indicates that this call is forbidden." + }, + "404": { + "description": "Indicates a rule with the given ID does not exist." } }, "summary": "Enable a rule", @@ -5009,6 +5066,18 @@ "responses": { "204": { "description": "Indicates a successful call." + }, + "400": { + "description": "Indicates an invalid schema or parameters." + }, + "403": { + "description": "Indicates that this call is forbidden." + }, + "404": { + "description": "Indicates a rule with the given ID does not exist." + }, + "409": { + "description": "Indicates that the rule has already been updated by another user." } }, "summary": "Update the API key for a rule", @@ -5065,6 +5134,15 @@ "responses": { "204": { "description": "Indicates a successful call." + }, + "400": { + "description": "Indicates an invalid schema or parameters." + }, + "403": { + "description": "Indicates that this call is forbidden." + }, + "404": { + "description": "Indicates a rule or alert with the given ID does not exist." } }, "summary": "Mute an alert", @@ -5121,6 +5199,15 @@ "responses": { "204": { "description": "Indicates a successful call." + }, + "400": { + "description": "Indicates an invalid schema or parameters." + }, + "403": { + "description": "Indicates that this call is forbidden." + }, + "404": { + "description": "Indicates a rule or alert with the given ID does not exist." } }, "summary": "Unmute an alert", @@ -6162,6 +6249,12 @@ } }, "description": "Indicates a successful call." + }, + "400": { + "description": "Indicates an invalid schema or parameters." + }, + "403": { + "description": "Indicates that this call is forbidden." } }, "summary": "Get information about rules", diff --git a/oas_docs/output/kibana.serverless.staging.yaml b/oas_docs/output/kibana.serverless.staging.yaml new file mode 100644 index 0000000000000..15790040e6a46 --- /dev/null +++ b/oas_docs/output/kibana.serverless.staging.yaml @@ -0,0 +1,34264 @@ +openapi: 3.0.3 +info: + contact: + name: Kibana Team + description: > + **Technical preview** + + This functionality is in technical preview and may be changed or removed in + a future release. + + Elastic will work to fix any issues, but features in technical preview are + not subject to the support SLA of official GA features. + + + The Kibana REST APIs for Elastic serverless enable you to manage resources + + such as connectors, data views, and saved objects. The API calls are + + stateless. Each request that you make happens in isolation from other calls + + and must include all of the necessary information for Kibana to fulfill the + + request. API requests return JSON output, which is a format that is + + machine-readable and works well for automation. + + + To interact with Kibana APIs, use the following operations: + + + - GET: Fetches the information. + + - POST: Adds new information. + + - PUT: Updates the existing information. + + - DELETE: Removes the information. + + + You can prepend any Kibana API endpoint with `kbn:` and run the request in + + **Dev Tools → Console**. For example: + + + ``` + + GET kbn:/api/data_views + + ``` + + + ## Documentation source and versions + + + This documentation is derived from the `main` branch of the + [kibana](https://github.com/elastic/kibana) repository. + + It is provided under license [Attribution-NonCommercial-NoDerivatives 4.0 + International](https://creativecommons.org/licenses/by-nc-nd/4.0/). + title: Kibana Serverless APIs + version: 1.0.2 + x-doc-license: + name: Attribution-NonCommercial-NoDerivatives 4.0 International + url: https://creativecommons.org/licenses/by-nc-nd/4.0/ + x-feedbackLink: + label: Feedback + url: >- + https://github.com/elastic/docs-content/issues/new?assignees=&labels=feedback%2Ccommunity&projects=&template=api-feedback.yaml&title=%5BFeedback%5D%3A+ +servers: + - url: http://{kibana_host}:{port} + variables: + kibana_host: + default: localhost + port: + default: '5601' + - url: http://localhost:5622 + - url: https://{kibana_url} + variables: + kibana_url: + default: localhost:5601 + - url: / + - url: http://KIBANA_HOST:5601 + - description: local + url: http://localhost:5601 +paths: + /api/actions: + get: + deprecated: true + operationId: '%2Fapi%2Factions#0' + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + responses: {} + summary: Get all connectors + tags: + - connectors + /api/actions/action: + post: + deprecated: true + operationId: '%2Fapi%2Factions%2Faction#0' + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - description: A required header to protect against CSRF attacks + in: header + name: kbn-xsrf + required: true + schema: + example: 'true' + type: string + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + type: object + properties: + actionTypeId: + description: The connector type identifier. + type: string + config: + additionalProperties: {} + default: {} + type: object + name: + description: The display name for the connector. + type: string + secrets: + additionalProperties: {} + default: {} + type: object + required: + - name + - actionTypeId + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + type: object + properties: + config: + additionalProperties: {} + type: object + connector_type_id: + description: The connector type identifier. + type: string + id: + description: The identifier for the connector. + type: string + is_deprecated: + description: Indicates whether the connector is deprecated. + type: boolean + is_missing_secrets: + description: Indicates whether the connector is missing secrets. + type: boolean + is_preconfigured: + description: >- + Indicates whether the connector is preconfigured. If true, + the `config` and `is_missing_secrets` properties are + omitted from the response. + type: boolean + is_system_action: + description: >- + Indicates whether the connector is used for system + actions. + type: boolean + name: + description: ' The name of the rule.' + type: string + required: + - id + - name + - connector_type_id + - is_preconfigured + - is_deprecated + - is_system_action + description: Indicates a successful call. + summary: Create a connector + tags: + - connectors + /api/actions/action/{id}: + delete: + deprecated: true + description: 'WARNING: When you delete a connector, it cannot be recovered.' + operationId: '%2Fapi%2Factions%2Faction%2F%7Bid%7D#0' + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - description: A required header to protect against CSRF attacks + in: header + name: kbn-xsrf + required: true + schema: + example: 'true' + type: string + - description: An identifier for the connector. + in: path + name: id + required: true + schema: + type: string + responses: + '204': + description: Indicates a successful call. + summary: Delete a connector + tags: + - connectors + get: + deprecated: true + operationId: '%2Fapi%2Factions%2Faction%2F%7Bid%7D#1' + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - description: An identifier for the connector. + in: path + name: id + required: true + schema: + type: string + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + type: object + properties: + config: + additionalProperties: {} + type: object + connector_type_id: + description: The connector type identifier. + type: string + id: + description: The identifier for the connector. + type: string + is_deprecated: + description: Indicates whether the connector is deprecated. + type: boolean + is_missing_secrets: + description: Indicates whether the connector is missing secrets. + type: boolean + is_preconfigured: + description: >- + Indicates whether the connector is preconfigured. If true, + the `config` and `is_missing_secrets` properties are + omitted from the response. + type: boolean + is_system_action: + description: >- + Indicates whether the connector is used for system + actions. + type: boolean + name: + description: ' The name of the rule.' + type: string + required: + - id + - name + - connector_type_id + - is_preconfigured + - is_deprecated + - is_system_action + description: Indicates a successful call. + summary: Get connector information + tags: + - connectors + put: + deprecated: true + operationId: '%2Fapi%2Factions%2Faction%2F%7Bid%7D#2' + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - description: A required header to protect against CSRF attacks + in: header + name: kbn-xsrf + required: true + schema: + example: 'true' + type: string + - description: An identifier for the connector. + in: path + name: id + required: true + schema: + type: string + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + type: object + properties: + config: + additionalProperties: {} + default: {} + type: object + name: + type: string + secrets: + additionalProperties: {} + default: {} + type: object + required: + - name + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + type: object + properties: + config: + additionalProperties: {} + type: object + connector_type_id: + description: The connector type identifier. + type: string + id: + description: The identifier for the connector. + type: string + is_deprecated: + description: Indicates whether the connector is deprecated. + type: boolean + is_missing_secrets: + description: Indicates whether the connector is missing secrets. + type: boolean + is_preconfigured: + description: >- + Indicates whether the connector is preconfigured. If true, + the `config` and `is_missing_secrets` properties are + omitted from the response. + type: boolean + is_system_action: + description: >- + Indicates whether the connector is used for system + actions. + type: boolean + name: + description: ' The name of the rule.' + type: string + required: + - id + - name + - connector_type_id + - is_preconfigured + - is_deprecated + - is_system_action + description: Indicates a successful call. + summary: Update a connector + tags: + - connectors + /api/actions/action/{id}/_execute: + post: + deprecated: true + operationId: '%2Fapi%2Factions%2Faction%2F%7Bid%7D%2F_execute#0' + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - description: A required header to protect against CSRF attacks + in: header + name: kbn-xsrf + required: true + schema: + example: 'true' + type: string + - description: An identifier for the connector. + in: path + name: id + required: true + schema: + type: string + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + type: object + properties: + params: + additionalProperties: {} + type: object + required: + - params + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + type: object + properties: + config: + additionalProperties: {} + type: object + connector_type_id: + description: The connector type identifier. + type: string + id: + description: The identifier for the connector. + type: string + is_deprecated: + description: Indicates whether the connector is deprecated. + type: boolean + is_missing_secrets: + description: Indicates whether the connector is missing secrets. + type: boolean + is_preconfigured: + description: >- + Indicates whether the connector is preconfigured. If true, + the `config` and `is_missing_secrets` properties are + omitted from the response. + type: boolean + is_system_action: + description: >- + Indicates whether the connector is used for system + actions. + type: boolean + name: + description: ' The name of the rule.' + type: string + required: + - id + - name + - connector_type_id + - is_preconfigured + - is_deprecated + - is_system_action + description: Indicates a successful call. + summary: Run a connector + tags: + - connectors + /api/actions/connector_types: + get: + description: You do not need any Kibana feature privileges to run this API. + operationId: '%2Fapi%2Factions%2Fconnector_types#0' + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - description: >- + A filter to limit the retrieved connector types to those that + support a specific feature (such as alerting or cases). + in: query + name: feature_id + required: false + schema: + type: string + responses: {} + summary: Get connector types + tags: + - connectors + /api/actions/connector/{id}: + delete: + description: 'WARNING: When you delete a connector, it cannot be recovered.' + operationId: '%2Fapi%2Factions%2Fconnector%2F%7Bid%7D#0' + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - description: A required header to protect against CSRF attacks + in: header + name: kbn-xsrf + required: true + schema: + example: 'true' + type: string + - description: An identifier for the connector. + in: path + name: id + required: true + schema: + type: string + responses: + '204': + description: Indicates a successful call. + summary: Delete a connector + tags: + - connectors + get: + operationId: '%2Fapi%2Factions%2Fconnector%2F%7Bid%7D#1' + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - description: An identifier for the connector. + in: path + name: id + required: true + schema: + type: string + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + type: object + properties: + config: + additionalProperties: {} + type: object + connector_type_id: + description: The connector type identifier. + type: string + id: + description: The identifier for the connector. + type: string + is_deprecated: + description: Indicates whether the connector is deprecated. + type: boolean + is_missing_secrets: + description: Indicates whether the connector is missing secrets. + type: boolean + is_preconfigured: + description: >- + Indicates whether the connector is preconfigured. If true, + the `config` and `is_missing_secrets` properties are + omitted from the response. + type: boolean + is_system_action: + description: >- + Indicates whether the connector is used for system + actions. + type: boolean + name: + description: ' The name of the rule.' + type: string + required: + - id + - name + - connector_type_id + - is_preconfigured + - is_deprecated + - is_system_action + description: Indicates a successful call. + summary: Get connector information + tags: + - connectors + post: + operationId: '%2Fapi%2Factions%2Fconnector%2F%7Bid%3F%7D#0' + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - description: A required header to protect against CSRF attacks + in: header + name: kbn-xsrf + required: true + schema: + example: 'true' + type: string + - description: An identifier for the connector. + in: path + name: id + required: false + schema: + type: string + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + type: object + properties: + config: + additionalProperties: {} + default: {} + type: object + connector_type_id: + description: The type of connector. + type: string + name: + description: The display name for the connector. + type: string + secrets: + additionalProperties: {} + default: {} + type: object + required: + - name + - connector_type_id + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + type: object + properties: + config: + additionalProperties: {} + type: object + connector_type_id: + description: The connector type identifier. + type: string + id: + description: The identifier for the connector. + type: string + is_deprecated: + description: Indicates whether the connector is deprecated. + type: boolean + is_missing_secrets: + description: Indicates whether the connector is missing secrets. + type: boolean + is_preconfigured: + description: >- + Indicates whether the connector is preconfigured. If true, + the `config` and `is_missing_secrets` properties are + omitted from the response. + type: boolean + is_system_action: + description: >- + Indicates whether the connector is used for system + actions. + type: boolean + name: + description: ' The name of the rule.' + type: string + required: + - id + - name + - connector_type_id + - is_preconfigured + - is_deprecated + - is_system_action + description: Indicates a successful call. + summary: Create a connector + tags: + - connectors + put: + operationId: '%2Fapi%2Factions%2Fconnector%2F%7Bid%7D#2' + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - description: A required header to protect against CSRF attacks + in: header + name: kbn-xsrf + required: true + schema: + example: 'true' + type: string + - description: An identifier for the connector. + in: path + name: id + required: true + schema: + type: string + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + type: object + properties: + config: + additionalProperties: {} + default: {} + type: object + name: + description: The display name for the connector. + type: string + secrets: + additionalProperties: {} + default: {} + type: object + required: + - name + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + type: object + properties: + config: + additionalProperties: {} + type: object + connector_type_id: + description: The connector type identifier. + type: string + id: + description: The identifier for the connector. + type: string + is_deprecated: + description: Indicates whether the connector is deprecated. + type: boolean + is_missing_secrets: + description: Indicates whether the connector is missing secrets. + type: boolean + is_preconfigured: + description: >- + Indicates whether the connector is preconfigured. If true, + the `config` and `is_missing_secrets` properties are + omitted from the response. + type: boolean + is_system_action: + description: >- + Indicates whether the connector is used for system + actions. + type: boolean + name: + description: ' The name of the rule.' + type: string + required: + - id + - name + - connector_type_id + - is_preconfigured + - is_deprecated + - is_system_action + description: Indicates a successful call. + summary: Update a connector + tags: + - connectors + /api/actions/connector/{id}/_execute: + post: + description: >- + You can use this API to test an action that involves interaction with + Kibana services or integrations with third-party systems. + operationId: '%2Fapi%2Factions%2Fconnector%2F%7Bid%7D%2F_execute#0' + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - description: A required header to protect against CSRF attacks + in: header + name: kbn-xsrf + required: true + schema: + example: 'true' + type: string + - description: An identifier for the connector. + in: path + name: id + required: true + schema: + type: string + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + type: object + properties: + params: + additionalProperties: {} + type: object + required: + - params + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + type: object + properties: + config: + additionalProperties: {} + type: object + connector_type_id: + description: The connector type identifier. + type: string + id: + description: The identifier for the connector. + type: string + is_deprecated: + description: Indicates whether the connector is deprecated. + type: boolean + is_missing_secrets: + description: Indicates whether the connector is missing secrets. + type: boolean + is_preconfigured: + description: >- + Indicates whether the connector is preconfigured. If true, + the `config` and `is_missing_secrets` properties are + omitted from the response. + type: boolean + is_system_action: + description: >- + Indicates whether the connector is used for system + actions. + type: boolean + name: + description: ' The name of the rule.' + type: string + required: + - id + - name + - connector_type_id + - is_preconfigured + - is_deprecated + - is_system_action + description: Indicates a successful call. + summary: Run a connector + tags: + - connectors + /api/actions/connectors: + get: + operationId: '%2Fapi%2Factions%2Fconnectors#0' + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + responses: {} + summary: Get all connectors + tags: + - connectors + /api/actions/list_action_types: + get: + deprecated: true + operationId: '%2Fapi%2Factions%2Flist_action_types#0' + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + responses: {} + summary: Get connector types + tags: + - connectors + /api/alerting/rule/{id}: + delete: + operationId: '%2Fapi%2Falerting%2Frule%2F%7Bid%7D#2' + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - description: A required header to protect against CSRF attacks + in: header + name: kbn-xsrf + required: true + schema: + example: 'true' + type: string + - description: The identifier for the rule. + in: path + name: id + required: true + schema: + type: string + responses: + '204': + description: Indicates a successful call. + '400': + description: Indicates an invalid schema or parameters. + '403': + description: Indicates that this call is forbidden. + '404': + description: Indicates a rule with the given ID does not exist. + summary: Delete a rule + tags: + - alerting + get: + operationId: '%2Fapi%2Falerting%2Frule%2F%7Bid%7D#0' + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - description: The identifier for the rule. + in: path + name: id + required: true + schema: + type: string + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + type: object + properties: + actions: + items: + additionalProperties: false + type: object + properties: + alerts_filter: + additionalProperties: false + description: >- + Defines a period that limits whether the action + runs. + type: object + properties: + query: + additionalProperties: false + type: object + properties: + dsl: + description: >- + A filter written in Elasticsearch Query + Domain Specific Language (DSL). + type: string + filters: + description: >- + A filter written in Elasticsearch Query + Domain Specific Language (DSL) as defined in + the `kbn-es-query` package. + items: + additionalProperties: false + type: object + properties: + $state: + additionalProperties: false + type: object + properties: + store: + description: >- + A filter can be either specific to an + application context or applied globally. + enum: + - appState + - globalState + type: string + required: + - store + meta: + additionalProperties: {} + type: object + query: + additionalProperties: {} + type: object + required: + - meta + type: array + kql: + description: >- + A filter written in Kibana Query Language + (KQL). + type: string + required: + - kql + - filters + timeframe: + additionalProperties: false + type: object + properties: + days: + description: >- + Defines the days of the week that the action + can run, represented as an array of numbers. + For example, `1` represents Monday. An empty + array is equivalent to specifying all the + days of the week. + items: + enum: + - 1 + - 2 + - 3 + - 4 + - 5 + - 6 + - 7 + type: integer + type: array + hours: + additionalProperties: false + type: object + properties: + end: + description: >- + The end of the time frame in 24-hour + notation (`hh:mm`). + type: string + start: + description: >- + The start of the time frame in 24-hour + notation (`hh:mm`). + type: string + required: + - start + - end + timezone: + description: >- + The ISO time zone for the `hours` values. + Values such as `UTC` and `UTC+1` also work + but lack built-in daylight savings time + support and are not recommended. + type: string + required: + - days + - hours + - timezone + connector_type_id: + description: >- + The type of connector. This property appears in + responses but cannot be set in requests. + type: string + frequency: + additionalProperties: false + type: object + properties: + notify_when: + description: >- + Indicates how often alerts generate actions. + Valid values include: `onActionGroupChange`: + Actions run when the alert status changes; + `onActiveAlert`: Actions run when the alert + becomes active and at each check interval while + the rule conditions are met; + `onThrottleInterval`: Actions run when the alert + becomes active and at the interval specified in + the throttle property while the rule conditions + are met. NOTE: You cannot specify `notify_when` + at both the rule and action level. The + recommended method is to set it for each action. + If you set it at the rule level then update the + rule in Kibana, it is automatically changed to + use action-specific values. + enum: + - onActionGroupChange + - onActiveAlert + - onThrottleInterval + type: string + summary: + description: Indicates whether the action is a summary. + type: boolean + throttle: + description: >- + The throttle interval, which defines how often + an alert generates repeated actions. It is + specified in seconds, minutes, hours, or days + and is applicable only if 'notify_when' is set + to 'onThrottleInterval'. NOTE: You cannot + specify the throttle interval at both the rule + and action level. The recommended method is to + set it for each action. If you set it at the + rule level then update the rule in Kibana, it is + automatically changed to use action-specific + values. + nullable: true + type: string + required: + - summary + - notify_when + - throttle + group: + description: >- + The group name, which affects when the action runs + (for example, when the threshold is met or when the + alert is recovered). Each rule type has a list of + valid action group names. If you don't need to group + actions, set to `default`. + type: string + id: + description: The identifier for the connector saved object. + type: string + params: + additionalProperties: {} + description: >- + The parameters for the action, which are sent to the + connector. The `params` are handled as Mustache + templates and passed a default set of context. + type: object + use_alert_data_for_template: + description: Indicates whether to use alert data as a template. + type: boolean + uuid: + description: >- + A universally unique identifier (UUID) for the + action. + type: string + required: + - id + - connector_type_id + - params + type: array + active_snoozes: + items: + description: List of active snoozes for the rule. + type: string + type: array + alert_delay: + additionalProperties: false + description: >- + Indicates that an alert occurs only when the specified + number of consecutive runs met the rule conditions. + type: object + properties: + active: + description: >- + The number of consecutive runs that must meet the rule + conditions. + type: number + required: + - active + api_key_created_by_user: + description: >- + Indicates whether the API key that is associated with the + rule was created by the user. + nullable: true + type: boolean + api_key_owner: + description: >- + The owner of the API key that is associated with the rule + and used to run background tasks. + nullable: true + type: string + consumer: + description: >- + The name of the application or feature that owns the rule. + For example: `alerts`, `apm`, `discover`, + `infrastructure`, `logs`, `metrics`, `ml`, `monitoring`, + `securitySolution`, `siem`, `stackAlerts`, or `uptime`. + type: string + created_at: + description: The date and time that the rule was created. + type: string + created_by: + description: The identifier for the user that created the rule. + nullable: true + type: string + enabled: + description: >- + Indicates whether you want to run the rule on an interval + basis after it is created. + type: boolean + execution_status: + additionalProperties: false + type: object + properties: + error: + additionalProperties: false + type: object + properties: + message: + description: Error message. + type: string + reason: + description: Reason for error. + enum: + - read + - decrypt + - execute + - unknown + - license + - timeout + - disabled + - validate + type: string + required: + - reason + - message + last_duration: + description: Duration of last execution of the rule. + type: number + last_execution_date: + description: The date and time when rule was executed last. + type: string + status: + description: Status of rule execution. + enum: + - ok + - active + - error + - warning + - pending + - unknown + type: string + warning: + additionalProperties: false + type: object + properties: + message: + description: Warning message. + type: string + reason: + description: Reason for warning. + enum: + - maxExecutableActions + - maxAlerts + - maxQueuedActions + - ruleExecution + type: string + required: + - reason + - message + required: + - status + - last_execution_date + id: + description: The identifier for the rule. + type: string + is_snoozed_until: + description: The date when the rule will no longer be snoozed. + nullable: true + type: string + last_run: + additionalProperties: false + nullable: true + type: object + properties: + alerts_count: + additionalProperties: false + type: object + properties: + active: + description: Number of active alerts during last run. + nullable: true + type: number + ignored: + description: Number of ignored alerts during last run. + nullable: true + type: number + new: + description: Number of new alerts during last run. + nullable: true + type: number + recovered: + description: Number of recovered alerts during last run. + nullable: true + type: number + outcome: + description: >- + Outcome of last run of the rule. Value could be + succeeded, warning or failed. + enum: + - succeeded + - warning + - failed + type: string + outcome_msg: + items: + description: Outcome message generated during last rule run. + type: string + nullable: true + type: array + outcome_order: + description: Order of the outcome. + type: number + warning: + description: Warning of last rule execution. + enum: + - read + - decrypt + - execute + - unknown + - license + - timeout + - disabled + - validate + - maxExecutableActions + - maxAlerts + - maxQueuedActions + - ruleExecution + nullable: true + type: string + required: + - outcome + - alerts_count + mapped_params: + additionalProperties: {} + type: object + monitoring: + additionalProperties: false + description: Monitoring details of the rule. + type: object + properties: + run: + additionalProperties: false + description: Rule run details. + type: object + properties: + calculated_metrics: + additionalProperties: false + description: >- + Calculation of different percentiles and success + ratio. + type: object + properties: + p50: + type: number + p95: + type: number + p99: + type: number + success_ratio: + type: number + required: + - success_ratio + history: + description: History of the rule run. + items: + additionalProperties: false + type: object + properties: + duration: + description: Duration of the rule run. + type: number + outcome: + additionalProperties: false + type: object + properties: + alerts_count: + additionalProperties: false + type: object + properties: + active: + description: Number of active alerts during last run. + nullable: true + type: number + ignored: + description: >- + Number of ignored alerts during last + run. + nullable: true + type: number + new: + description: Number of new alerts during last run. + nullable: true + type: number + recovered: + description: >- + Number of recovered alerts during last + run. + nullable: true + type: number + outcome: + description: >- + Outcome of last run of the rule. Value + could be succeeded, warning or failed. + enum: + - succeeded + - warning + - failed + type: string + outcome_msg: + items: + description: >- + Outcome message generated during last + rule run. + type: string + nullable: true + type: array + outcome_order: + description: Order of the outcome. + type: number + warning: + description: Warning of last rule execution. + enum: + - read + - decrypt + - execute + - unknown + - license + - timeout + - disabled + - validate + - maxExecutableActions + - maxAlerts + - maxQueuedActions + - ruleExecution + nullable: true + type: string + required: + - outcome + - alerts_count + success: + description: >- + Indicates whether the rule run was + successful. + type: boolean + timestamp: + description: Time of rule run. + type: number + required: + - success + - timestamp + type: array + last_run: + additionalProperties: false + type: object + properties: + metrics: + additionalProperties: false + type: object + properties: + duration: + description: Duration of most recent rule run. + type: number + gap_duration_s: + description: Duration in seconds of rule run gap. + nullable: true + type: number + total_alerts_created: + description: >- + Total number of alerts created during last + rule run. + nullable: true + type: number + total_alerts_detected: + description: >- + Total number of alerts detected during + last rule run. + nullable: true + type: number + total_indexing_duration_ms: + description: >- + Total time spent indexing documents during + last rule run in milliseconds. + nullable: true + type: number + total_search_duration_ms: + description: >- + Total time spent performing Elasticsearch + searches as measured by Kibana; includes + network latency and time spent serializing + or deserializing the request and response. + nullable: true + type: number + timestamp: + description: Time of the most recent rule run. + type: string + required: + - timestamp + - metrics + required: + - history + - calculated_metrics + - last_run + required: + - run + mute_all: + description: Indicates whether all alerts are muted. + type: boolean + muted_alert_ids: + items: + description: 'List of identifiers of muted alerts. ' + type: string + type: array + name: + description: ' The name of the rule.' + type: string + next_run: + description: Date and time of the next run of the rule. + nullable: true + type: string + notify_when: + description: >- + Indicates how often alerts generate actions. Valid values + include: `onActionGroupChange`: Actions run when the alert + status changes; `onActiveAlert`: Actions run when the + alert becomes active and at each check interval while the + rule conditions are met; `onThrottleInterval`: Actions run + when the alert becomes active and at the interval + specified in the throttle property while the rule + conditions are met. NOTE: You cannot specify `notify_when` + at both the rule and action level. The recommended method + is to set it for each action. If you set it at the rule + level then update the rule in Kibana, it is automatically + changed to use action-specific values. + enum: + - onActionGroupChange + - onActiveAlert + - onThrottleInterval + nullable: true + type: string + params: + additionalProperties: {} + description: The parameters for the rule. + type: object + revision: + description: The rule revision number. + type: number + rule_type_id: + description: The rule type identifier. + type: string + running: + description: Indicates whether the rule is running. + nullable: true + type: boolean + schedule: + additionalProperties: false + type: object + properties: + interval: + description: >- + The interval is specified in seconds, minutes, hours, + or days. + type: string + required: + - interval + scheduled_task_id: + description: Identifier of the scheduled task. + type: string + snooze_schedule: + items: + additionalProperties: false + type: object + properties: + duration: + description: Duration of the rule snooze schedule. + type: number + id: + description: Identifier of the rule snooze schedule. + type: string + rRule: + additionalProperties: false + type: object + properties: + byhour: + items: + description: Indicates hours of the day to recur. + type: number + type: array + byminute: + items: + description: Indicates minutes of the hour to recur. + type: number + type: array + bymonth: + items: + description: >- + Indicates months of the year that this rule + should recur. + type: number + type: array + bymonthday: + items: + description: Indicates the days of the month to recur. + type: number + type: array + bysecond: + items: + description: Indicates seconds of the day to recur. + type: number + type: array + bysetpos: + items: + description: >- + A positive or negative integer affecting the + nth day of the month. For example, -2 combined + with `byweekday` of FR is 2nd to last Friday + of the month. It is recommended to not set + this manually and just use `byweekday`. + type: number + type: array + byweekday: + items: + anyOf: + - type: string + - type: number + description: >- + Indicates the days of the week to recur or + else nth-day-of-month strings. For example, + "+2TU" second Tuesday of month, "-1FR" last + Friday of the month, which are internally + converted to a `byweekday/bysetpos` + combination. + type: array + byweekno: + items: + description: Indicates number of the week hours to recur. + type: number + type: array + byyearday: + items: + description: >- + Indicates the days of the year that this rule + should recur. + type: number + type: array + count: + description: >- + Number of times the rule should recur until it + stops. + type: number + dtstart: + description: >- + Rule start date in Coordinated Universal Time + (UTC). + type: string + freq: + description: >- + Indicates frequency of the rule. Options are + YEARLY, MONTHLY, WEEKLY, DAILY. + enum: + - 0 + - 1 + - 2 + - 3 + - 4 + - 5 + - 6 + type: integer + interval: + description: >- + Indicates the interval of frequency. For + example, 1 and YEARLY is every 1 year, 2 and + WEEKLY is every 2 weeks. + type: number + tzid: + description: Indicates timezone abbreviation. + type: string + until: + description: Recur the rule until this date. + type: string + wkst: + description: Indicates the start of week, defaults to Monday. + enum: + - MO + - TU + - WE + - TH + - FR + - SA + - SU + type: string + required: + - dtstart + - tzid + skipRecurrences: + items: + description: Skips recurrence of rule on this date. + type: string + type: array + required: + - duration + - rRule + type: array + tags: + items: + description: The tags for the rule. + type: string + type: array + throttle: + deprecated: true + description: >- + Deprecated in 8.13.0. Use the `throttle` property in the + action `frequency` object instead. The throttle interval, + which defines how often an alert generates repeated + actions. NOTE: You cannot specify the throttle interval at + both the rule and action level. If you set it at the rule + level then update the rule in Kibana, it is automatically + changed to use action-specific values. + nullable: true + type: string + updated_at: + description: The date and time that the rule was updated most recently. + type: string + updated_by: + description: >- + The identifier for the user that updated this rule most + recently. + nullable: true + type: string + view_in_app_relative_url: + description: Relative URL to view rule in the app. + nullable: true + type: string + required: + - id + - enabled + - name + - tags + - rule_type_id + - consumer + - schedule + - actions + - params + - created_by + - updated_by + - created_at + - updated_at + - api_key_owner + - mute_all + - muted_alert_ids + - execution_status + - revision + description: Indicates a successful call. + '400': + description: Indicates an invalid schema or parameters. + '403': + description: Indicates that this call is forbidden. + '404': + description: Indicates a rule with the given ID does not exist. + summary: Get rule details + tags: + - alerting + post: + operationId: '%2Fapi%2Falerting%2Frule%2F%7Bid%3F%7D#0' + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - description: A required header to protect against CSRF attacks + in: header + name: kbn-xsrf + required: true + schema: + example: 'true' + type: string + - description: >- + The identifier for the rule. If it is omitted, an ID is randomly + generated. + in: path + name: id + required: false + schema: + type: string + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + type: object + properties: + actions: + default: [] + items: + additionalProperties: false + description: An action that runs under defined conditions. + type: object + properties: + alerts_filter: + additionalProperties: false + description: >- + Conditions that affect whether the action runs. If you + specify multiple conditions, all conditions must be + met for the action to run. For example, if an alert + occurs within the specified time frame and matches the + query, the action runs. + type: object + properties: + query: + additionalProperties: false + type: object + properties: + dsl: + description: >- + A filter written in Elasticsearch Query Domain + Specific Language (DSL). + type: string + filters: + description: >- + A filter written in Elasticsearch Query Domain + Specific Language (DSL) as defined in the + `kbn-es-query` package. + items: + additionalProperties: false + type: object + properties: + $state: + additionalProperties: false + type: object + properties: + store: + description: >- + A filter can be either specific to an + application context or applied globally. + enum: + - appState + - globalState + type: string + required: + - store + meta: + additionalProperties: {} + type: object + query: + additionalProperties: {} + type: object + required: + - meta + type: array + kql: + description: >- + A filter written in Kibana Query Language + (KQL). + type: string + required: + - kql + - filters + timeframe: + additionalProperties: false + description: >- + Defines a period that limits whether the action + runs. + type: object + properties: + days: + description: >- + Defines the days of the week that the action + can run, represented as an array of numbers. + For example, `1` represents Monday. An empty + array is equivalent to specifying all the days + of the week. + items: + enum: + - 1 + - 2 + - 3 + - 4 + - 5 + - 6 + - 7 + type: integer + type: array + hours: + additionalProperties: false + description: >- + Defines the range of time in a day that the + action can run. If the `start` value is + `00:00` and the `end` value is `24:00`, + actions be generated all day. + type: object + properties: + end: + description: >- + The end of the time frame in 24-hour + notation (`hh:mm`). + type: string + start: + description: >- + The start of the time frame in 24-hour + notation (`hh:mm`). + type: string + required: + - start + - end + timezone: + description: >- + The ISO time zone for the `hours` values. + Values such as `UTC` and `UTC+1` also work but + lack built-in daylight savings time support + and are not recommended. + type: string + required: + - days + - hours + - timezone + frequency: + additionalProperties: false + type: object + properties: + notify_when: + description: >- + Indicates how often alerts generate actions. Valid + values include: `onActionGroupChange`: Actions run + when the alert status changes; `onActiveAlert`: + Actions run when the alert becomes active and at + each check interval while the rule conditions are + met; `onThrottleInterval`: Actions run when the + alert becomes active and at the interval specified + in the throttle property while the rule conditions + are met. NOTE: You cannot specify `notify_when` at + both the rule and action level. The recommended + method is to set it for each action. If you set it + at the rule level then update the rule in Kibana, + it is automatically changed to use action-specific + values. + enum: + - onActionGroupChange + - onActiveAlert + - onThrottleInterval + type: string + summary: + description: Indicates whether the action is a summary. + type: boolean + throttle: + description: >- + The throttle interval, which defines how often an + alert generates repeated actions. It is specified + in seconds, minutes, hours, or days and is + applicable only if `notify_when` is set to + `onThrottleInterval`. NOTE: You cannot specify the + throttle interval at both the rule and action + level. The recommended method is to set it for + each action. If you set it at the rule level then + update the rule in Kibana, it is automatically + changed to use action-specific values. + nullable: true + type: string + required: + - summary + - notify_when + - throttle + group: + description: >- + The group name, which affects when the action runs + (for example, when the threshold is met or when the + alert is recovered). Each rule type has a list of + valid action group names. If you don't need to group + actions, set to `default`. + type: string + id: + description: The identifier for the connector saved object. + type: string + params: + additionalProperties: {} + default: {} + description: >- + The parameters for the action, which are sent to the + connector. The `params` are handled as Mustache + templates and passed a default set of context. + type: object + use_alert_data_for_template: + description: Indicates whether to use alert data as a template. + type: boolean + uuid: + description: A universally unique identifier (UUID) for the action. + type: string + required: + - id + type: array + alert_delay: + additionalProperties: false + description: >- + Indicates that an alert occurs only when the specified + number of consecutive runs met the rule conditions. + type: object + properties: + active: + description: >- + The number of consecutive runs that must meet the rule + conditions. + type: number + required: + - active + consumer: + description: >- + The name of the application or feature that owns the rule. + For example: `alerts`, `apm`, `discover`, `infrastructure`, + `logs`, `metrics`, `ml`, `monitoring`, `securitySolution`, + `siem`, `stackAlerts`, or `uptime`. + type: string + enabled: + default: true + description: >- + Indicates whether you want to run the rule on an interval + basis after it is created. + type: boolean + name: + description: >- + The name of the rule. While this name does not have to be + unique, a distinctive name can help you identify a rule. + type: string + notify_when: + description: >- + Indicates how often alerts generate actions. Valid values + include: `onActionGroupChange`: Actions run when the alert + status changes; `onActiveAlert`: Actions run when the alert + becomes active and at each check interval while the rule + conditions are met; `onThrottleInterval`: Actions run when + the alert becomes active and at the interval specified in + the throttle property while the rule conditions are met. + NOTE: You cannot specify `notify_when` at both the rule and + action level. The recommended method is to set it for each + action. If you set it at the rule level then update the rule + in Kibana, it is automatically changed to use + action-specific values. + enum: + - onActionGroupChange + - onActiveAlert + - onThrottleInterval + nullable: true + type: string + params: + additionalProperties: {} + default: {} + description: The parameters for the rule. + type: object + rule_type_id: + description: The rule type identifier. + type: string + schedule: + additionalProperties: false + description: >- + The check interval, which specifies how frequently the rule + conditions are checked. + type: object + properties: + interval: + description: >- + The interval is specified in seconds, minutes, hours, or + days. + type: string + required: + - interval + tags: + default: [] + description: The tags for the rule. + items: + type: string + type: array + throttle: + description: >- + Use the `throttle` property in the action `frequency` object + instead. The throttle interval, which defines how often an + alert generates repeated actions. NOTE: You cannot specify + the throttle interval at both the rule and action level. If + you set it at the rule level then update the rule in Kibana, + it is automatically changed to use action-specific values. + nullable: true + type: string + required: + - name + - rule_type_id + - consumer + - schedule + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + type: object + properties: + actions: + items: + additionalProperties: false + type: object + properties: + alerts_filter: + additionalProperties: false + description: >- + Defines a period that limits whether the action + runs. + type: object + properties: + query: + additionalProperties: false + type: object + properties: + dsl: + description: >- + A filter written in Elasticsearch Query + Domain Specific Language (DSL). + type: string + filters: + description: >- + A filter written in Elasticsearch Query + Domain Specific Language (DSL) as defined in + the `kbn-es-query` package. + items: + additionalProperties: false + type: object + properties: + $state: + additionalProperties: false + type: object + properties: + store: + description: >- + A filter can be either specific to an + application context or applied globally. + enum: + - appState + - globalState + type: string + required: + - store + meta: + additionalProperties: {} + type: object + query: + additionalProperties: {} + type: object + required: + - meta + type: array + kql: + description: >- + A filter written in Kibana Query Language + (KQL). + type: string + required: + - kql + - filters + timeframe: + additionalProperties: false + type: object + properties: + days: + description: >- + Defines the days of the week that the action + can run, represented as an array of numbers. + For example, `1` represents Monday. An empty + array is equivalent to specifying all the + days of the week. + items: + enum: + - 1 + - 2 + - 3 + - 4 + - 5 + - 6 + - 7 + type: integer + type: array + hours: + additionalProperties: false + type: object + properties: + end: + description: >- + The end of the time frame in 24-hour + notation (`hh:mm`). + type: string + start: + description: >- + The start of the time frame in 24-hour + notation (`hh:mm`). + type: string + required: + - start + - end + timezone: + description: >- + The ISO time zone for the `hours` values. + Values such as `UTC` and `UTC+1` also work + but lack built-in daylight savings time + support and are not recommended. + type: string + required: + - days + - hours + - timezone + connector_type_id: + description: >- + The type of connector. This property appears in + responses but cannot be set in requests. + type: string + frequency: + additionalProperties: false + type: object + properties: + notify_when: + description: >- + Indicates how often alerts generate actions. + Valid values include: `onActionGroupChange`: + Actions run when the alert status changes; + `onActiveAlert`: Actions run when the alert + becomes active and at each check interval while + the rule conditions are met; + `onThrottleInterval`: Actions run when the alert + becomes active and at the interval specified in + the throttle property while the rule conditions + are met. NOTE: You cannot specify `notify_when` + at both the rule and action level. The + recommended method is to set it for each action. + If you set it at the rule level then update the + rule in Kibana, it is automatically changed to + use action-specific values. + enum: + - onActionGroupChange + - onActiveAlert + - onThrottleInterval + type: string + summary: + description: Indicates whether the action is a summary. + type: boolean + throttle: + description: >- + The throttle interval, which defines how often + an alert generates repeated actions. It is + specified in seconds, minutes, hours, or days + and is applicable only if 'notify_when' is set + to 'onThrottleInterval'. NOTE: You cannot + specify the throttle interval at both the rule + and action level. The recommended method is to + set it for each action. If you set it at the + rule level then update the rule in Kibana, it is + automatically changed to use action-specific + values. + nullable: true + type: string + required: + - summary + - notify_when + - throttle + group: + description: >- + The group name, which affects when the action runs + (for example, when the threshold is met or when the + alert is recovered). Each rule type has a list of + valid action group names. If you don't need to group + actions, set to `default`. + type: string + id: + description: The identifier for the connector saved object. + type: string + params: + additionalProperties: {} + description: >- + The parameters for the action, which are sent to the + connector. The `params` are handled as Mustache + templates and passed a default set of context. + type: object + use_alert_data_for_template: + description: Indicates whether to use alert data as a template. + type: boolean + uuid: + description: >- + A universally unique identifier (UUID) for the + action. + type: string + required: + - id + - connector_type_id + - params + type: array + active_snoozes: + items: + description: List of active snoozes for the rule. + type: string + type: array + alert_delay: + additionalProperties: false + description: >- + Indicates that an alert occurs only when the specified + number of consecutive runs met the rule conditions. + type: object + properties: + active: + description: >- + The number of consecutive runs that must meet the rule + conditions. + type: number + required: + - active + api_key_created_by_user: + description: >- + Indicates whether the API key that is associated with the + rule was created by the user. + nullable: true + type: boolean + api_key_owner: + description: >- + The owner of the API key that is associated with the rule + and used to run background tasks. + nullable: true + type: string + consumer: + description: >- + The name of the application or feature that owns the rule. + For example: `alerts`, `apm`, `discover`, + `infrastructure`, `logs`, `metrics`, `ml`, `monitoring`, + `securitySolution`, `siem`, `stackAlerts`, or `uptime`. + type: string + created_at: + description: The date and time that the rule was created. + type: string + created_by: + description: The identifier for the user that created the rule. + nullable: true + type: string + enabled: + description: >- + Indicates whether you want to run the rule on an interval + basis after it is created. + type: boolean + execution_status: + additionalProperties: false + type: object + properties: + error: + additionalProperties: false + type: object + properties: + message: + description: Error message. + type: string + reason: + description: Reason for error. + enum: + - read + - decrypt + - execute + - unknown + - license + - timeout + - disabled + - validate + type: string + required: + - reason + - message + last_duration: + description: Duration of last execution of the rule. + type: number + last_execution_date: + description: The date and time when rule was executed last. + type: string + status: + description: Status of rule execution. + enum: + - ok + - active + - error + - warning + - pending + - unknown + type: string + warning: + additionalProperties: false + type: object + properties: + message: + description: Warning message. + type: string + reason: + description: Reason for warning. + enum: + - maxExecutableActions + - maxAlerts + - maxQueuedActions + - ruleExecution + type: string + required: + - reason + - message + required: + - status + - last_execution_date + id: + description: The identifier for the rule. + type: string + is_snoozed_until: + description: The date when the rule will no longer be snoozed. + nullable: true + type: string + last_run: + additionalProperties: false + nullable: true + type: object + properties: + alerts_count: + additionalProperties: false + type: object + properties: + active: + description: Number of active alerts during last run. + nullable: true + type: number + ignored: + description: Number of ignored alerts during last run. + nullable: true + type: number + new: + description: Number of new alerts during last run. + nullable: true + type: number + recovered: + description: Number of recovered alerts during last run. + nullable: true + type: number + outcome: + description: >- + Outcome of last run of the rule. Value could be + succeeded, warning or failed. + enum: + - succeeded + - warning + - failed + type: string + outcome_msg: + items: + description: Outcome message generated during last rule run. + type: string + nullable: true + type: array + outcome_order: + description: Order of the outcome. + type: number + warning: + description: Warning of last rule execution. + enum: + - read + - decrypt + - execute + - unknown + - license + - timeout + - disabled + - validate + - maxExecutableActions + - maxAlerts + - maxQueuedActions + - ruleExecution + nullable: true + type: string + required: + - outcome + - alerts_count + mapped_params: + additionalProperties: {} + type: object + monitoring: + additionalProperties: false + description: Monitoring details of the rule. + type: object + properties: + run: + additionalProperties: false + description: Rule run details. + type: object + properties: + calculated_metrics: + additionalProperties: false + description: >- + Calculation of different percentiles and success + ratio. + type: object + properties: + p50: + type: number + p95: + type: number + p99: + type: number + success_ratio: + type: number + required: + - success_ratio + history: + description: History of the rule run. + items: + additionalProperties: false + type: object + properties: + duration: + description: Duration of the rule run. + type: number + outcome: + additionalProperties: false + type: object + properties: + alerts_count: + additionalProperties: false + type: object + properties: + active: + description: Number of active alerts during last run. + nullable: true + type: number + ignored: + description: >- + Number of ignored alerts during last + run. + nullable: true + type: number + new: + description: Number of new alerts during last run. + nullable: true + type: number + recovered: + description: >- + Number of recovered alerts during last + run. + nullable: true + type: number + outcome: + description: >- + Outcome of last run of the rule. Value + could be succeeded, warning or failed. + enum: + - succeeded + - warning + - failed + type: string + outcome_msg: + items: + description: >- + Outcome message generated during last + rule run. + type: string + nullable: true + type: array + outcome_order: + description: Order of the outcome. + type: number + warning: + description: Warning of last rule execution. + enum: + - read + - decrypt + - execute + - unknown + - license + - timeout + - disabled + - validate + - maxExecutableActions + - maxAlerts + - maxQueuedActions + - ruleExecution + nullable: true + type: string + required: + - outcome + - alerts_count + success: + description: >- + Indicates whether the rule run was + successful. + type: boolean + timestamp: + description: Time of rule run. + type: number + required: + - success + - timestamp + type: array + last_run: + additionalProperties: false + type: object + properties: + metrics: + additionalProperties: false + type: object + properties: + duration: + description: Duration of most recent rule run. + type: number + gap_duration_s: + description: Duration in seconds of rule run gap. + nullable: true + type: number + total_alerts_created: + description: >- + Total number of alerts created during last + rule run. + nullable: true + type: number + total_alerts_detected: + description: >- + Total number of alerts detected during + last rule run. + nullable: true + type: number + total_indexing_duration_ms: + description: >- + Total time spent indexing documents during + last rule run in milliseconds. + nullable: true + type: number + total_search_duration_ms: + description: >- + Total time spent performing Elasticsearch + searches as measured by Kibana; includes + network latency and time spent serializing + or deserializing the request and response. + nullable: true + type: number + timestamp: + description: Time of the most recent rule run. + type: string + required: + - timestamp + - metrics + required: + - history + - calculated_metrics + - last_run + required: + - run + mute_all: + description: Indicates whether all alerts are muted. + type: boolean + muted_alert_ids: + items: + description: 'List of identifiers of muted alerts. ' + type: string + type: array + name: + description: ' The name of the rule.' + type: string + next_run: + description: Date and time of the next run of the rule. + nullable: true + type: string + notify_when: + description: >- + Indicates how often alerts generate actions. Valid values + include: `onActionGroupChange`: Actions run when the alert + status changes; `onActiveAlert`: Actions run when the + alert becomes active and at each check interval while the + rule conditions are met; `onThrottleInterval`: Actions run + when the alert becomes active and at the interval + specified in the throttle property while the rule + conditions are met. NOTE: You cannot specify `notify_when` + at both the rule and action level. The recommended method + is to set it for each action. If you set it at the rule + level then update the rule in Kibana, it is automatically + changed to use action-specific values. + enum: + - onActionGroupChange + - onActiveAlert + - onThrottleInterval + nullable: true + type: string + params: + additionalProperties: {} + description: The parameters for the rule. + type: object + revision: + description: The rule revision number. + type: number + rule_type_id: + description: The rule type identifier. + type: string + running: + description: Indicates whether the rule is running. + nullable: true + type: boolean + schedule: + additionalProperties: false + type: object + properties: + interval: + description: >- + The interval is specified in seconds, minutes, hours, + or days. + type: string + required: + - interval + scheduled_task_id: + description: Identifier of the scheduled task. + type: string + snooze_schedule: + items: + additionalProperties: false + type: object + properties: + duration: + description: Duration of the rule snooze schedule. + type: number + id: + description: Identifier of the rule snooze schedule. + type: string + rRule: + additionalProperties: false + type: object + properties: + byhour: + items: + description: Indicates hours of the day to recur. + type: number + type: array + byminute: + items: + description: Indicates minutes of the hour to recur. + type: number + type: array + bymonth: + items: + description: >- + Indicates months of the year that this rule + should recur. + type: number + type: array + bymonthday: + items: + description: Indicates the days of the month to recur. + type: number + type: array + bysecond: + items: + description: Indicates seconds of the day to recur. + type: number + type: array + bysetpos: + items: + description: >- + A positive or negative integer affecting the + nth day of the month. For example, -2 combined + with `byweekday` of FR is 2nd to last Friday + of the month. It is recommended to not set + this manually and just use `byweekday`. + type: number + type: array + byweekday: + items: + anyOf: + - type: string + - type: number + description: >- + Indicates the days of the week to recur or + else nth-day-of-month strings. For example, + "+2TU" second Tuesday of month, "-1FR" last + Friday of the month, which are internally + converted to a `byweekday/bysetpos` + combination. + type: array + byweekno: + items: + description: Indicates number of the week hours to recur. + type: number + type: array + byyearday: + items: + description: >- + Indicates the days of the year that this rule + should recur. + type: number + type: array + count: + description: >- + Number of times the rule should recur until it + stops. + type: number + dtstart: + description: >- + Rule start date in Coordinated Universal Time + (UTC). + type: string + freq: + description: >- + Indicates frequency of the rule. Options are + YEARLY, MONTHLY, WEEKLY, DAILY. + enum: + - 0 + - 1 + - 2 + - 3 + - 4 + - 5 + - 6 + type: integer + interval: + description: >- + Indicates the interval of frequency. For + example, 1 and YEARLY is every 1 year, 2 and + WEEKLY is every 2 weeks. + type: number + tzid: + description: Indicates timezone abbreviation. + type: string + until: + description: Recur the rule until this date. + type: string + wkst: + description: Indicates the start of week, defaults to Monday. + enum: + - MO + - TU + - WE + - TH + - FR + - SA + - SU + type: string + required: + - dtstart + - tzid + skipRecurrences: + items: + description: Skips recurrence of rule on this date. + type: string + type: array + required: + - duration + - rRule + type: array + tags: + items: + description: The tags for the rule. + type: string + type: array + throttle: + deprecated: true + description: >- + Deprecated in 8.13.0. Use the `throttle` property in the + action `frequency` object instead. The throttle interval, + which defines how often an alert generates repeated + actions. NOTE: You cannot specify the throttle interval at + both the rule and action level. If you set it at the rule + level then update the rule in Kibana, it is automatically + changed to use action-specific values. + nullable: true + type: string + updated_at: + description: The date and time that the rule was updated most recently. + type: string + updated_by: + description: >- + The identifier for the user that updated this rule most + recently. + nullable: true + type: string + view_in_app_relative_url: + description: Relative URL to view rule in the app. + nullable: true + type: string + required: + - id + - enabled + - name + - tags + - rule_type_id + - consumer + - schedule + - actions + - params + - created_by + - updated_by + - created_at + - updated_at + - api_key_owner + - mute_all + - muted_alert_ids + - execution_status + - revision + description: Indicates a successful call. + '400': + description: Indicates an invalid schema or parameters. + '403': + description: Indicates that this call is forbidden. + '409': + description: Indicates that the rule id is already in use. + summary: Create a rule + tags: + - alerting + put: + operationId: '%2Fapi%2Falerting%2Frule%2F%7Bid%7D#1' + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - description: A required header to protect against CSRF attacks + in: header + name: kbn-xsrf + required: true + schema: + example: 'true' + type: string + - description: The identifier for the rule. + in: path + name: id + required: true + schema: + type: string + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + type: object + properties: + actions: + default: [] + items: + additionalProperties: false + description: An action that runs under defined conditions. + type: object + properties: + alerts_filter: + additionalProperties: false + type: object + properties: + query: + additionalProperties: false + type: object + properties: + dsl: + description: >- + A filter written in Elasticsearch Query Domain + Specific Language (DSL). + type: string + filters: + description: >- + A filter written in Elasticsearch Query Domain + Specific Language (DSL) as defined in the + `kbn-es-query` package. + items: + additionalProperties: false + type: object + properties: + $state: + additionalProperties: false + type: object + properties: + store: + description: >- + A filter can be either specific to an + application context or applied globally. + enum: + - appState + - globalState + type: string + required: + - store + meta: + additionalProperties: {} + type: object + query: + additionalProperties: {} + type: object + required: + - meta + type: array + kql: + description: >- + A filter written in Kibana Query Language + (KQL). + type: string + required: + - kql + - filters + timeframe: + additionalProperties: false + description: >- + Defines a period that limits whether the action + runs. + type: object + properties: + days: + description: >- + Defines the days of the week that the action + can run, represented as an array of numbers. + For example, `1` represents Monday. An empty + array is equivalent to specifying all the days + of the week. + items: + enum: + - 1 + - 2 + - 3 + - 4 + - 5 + - 6 + - 7 + type: integer + type: array + hours: + additionalProperties: false + description: >- + Defines the range of time in a day that the + action can run. If the `start` value is + `00:00` and the `end` value is `24:00`, + actions be generated all day. + type: object + properties: + end: + description: >- + The end of the time frame in 24-hour + notation (`hh:mm`). + type: string + start: + description: >- + The start of the time frame in 24-hour + notation (`hh:mm`). + type: string + required: + - start + - end + timezone: + description: >- + The ISO time zone for the `hours` values. + Values such as `UTC` and `UTC+1` also work but + lack built-in daylight savings time support + and are not recommended. + type: string + required: + - days + - hours + - timezone + frequency: + additionalProperties: false + type: object + properties: + notify_when: + description: >- + Indicates how often alerts generate actions. Valid + values include: `onActionGroupChange`: Actions run + when the alert status changes; `onActiveAlert`: + Actions run when the alert becomes active and at + each check interval while the rule conditions are + met; `onThrottleInterval`: Actions run when the + alert becomes active and at the interval specified + in the throttle property while the rule conditions + are met. NOTE: You cannot specify `notify_when` at + both the rule and action level. The recommended + method is to set it for each action. If you set it + at the rule level then update the rule in Kibana, + it is automatically changed to use action-specific + values. + enum: + - onActionGroupChange + - onActiveAlert + - onThrottleInterval + type: string + summary: + description: Indicates whether the action is a summary. + type: boolean + throttle: + description: >- + The throttle interval, which defines how often an + alert generates repeated actions. It is specified + in seconds, minutes, hours, or days and is + applicable only if `notify_when` is set to + `onThrottleInterval`. NOTE: You cannot specify the + throttle interval at both the rule and action + level. The recommended method is to set it for + each action. If you set it at the rule level then + update the rule in Kibana, it is automatically + changed to use action-specific values. + nullable: true + type: string + required: + - summary + - notify_when + - throttle + group: + description: >- + The group name, which affects when the action runs + (for example, when the threshold is met or when the + alert is recovered). Each rule type has a list of + valid action group names. If you don't need to group + actions, set to `default`. + type: string + id: + description: The identifier for the connector saved object. + type: string + params: + additionalProperties: {} + default: {} + description: >- + The parameters for the action, which are sent to the + connector. The `params` are handled as Mustache + templates and passed a default set of context. + type: object + use_alert_data_for_template: + description: Indicates whether to use alert data as a template. + type: boolean + uuid: + description: A universally unique identifier (UUID) for the action. + type: string + required: + - id + type: array + alert_delay: + additionalProperties: false + description: >- + Indicates that an alert occurs only when the specified + number of consecutive runs met the rule conditions. + type: object + properties: + active: + description: >- + The number of consecutive runs that must meet the rule + conditions. + type: number + required: + - active + name: + description: >- + The name of the rule. While this name does not have to be + unique, a distinctive name can help you identify a rule. + type: string + notify_when: + description: >- + Indicates how often alerts generate actions. Valid values + include: `onActionGroupChange`: Actions run when the alert + status changes; `onActiveAlert`: Actions run when the alert + becomes active and at each check interval while the rule + conditions are met; `onThrottleInterval`: Actions run when + the alert becomes active and at the interval specified in + the throttle property while the rule conditions are met. + NOTE: You cannot specify `notify_when` at both the rule and + action level. The recommended method is to set it for each + action. If you set it at the rule level then update the rule + in Kibana, it is automatically changed to use + action-specific values. + enum: + - onActionGroupChange + - onActiveAlert + - onThrottleInterval + nullable: true + type: string + params: + additionalProperties: {} + default: {} + description: The parameters for the rule. + type: object + schedule: + additionalProperties: false + type: object + properties: + interval: + description: >- + The interval is specified in seconds, minutes, hours, or + days. + type: string + required: + - interval + tags: + default: [] + items: + description: The tags for the rule. + type: string + type: array + throttle: + description: >- + Use the `throttle` property in the action `frequency` object + instead. The throttle interval, which defines how often an + alert generates repeated actions. NOTE: You cannot specify + the throttle interval at both the rule and action level. If + you set it at the rule level then update the rule in Kibana, + it is automatically changed to use action-specific values. + nullable: true + type: string + required: + - name + - schedule + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + type: object + properties: + actions: + items: + additionalProperties: false + type: object + properties: + alerts_filter: + additionalProperties: false + description: >- + Defines a period that limits whether the action + runs. + type: object + properties: + query: + additionalProperties: false + type: object + properties: + dsl: + description: >- + A filter written in Elasticsearch Query + Domain Specific Language (DSL). + type: string + filters: + description: >- + A filter written in Elasticsearch Query + Domain Specific Language (DSL) as defined in + the `kbn-es-query` package. + items: + additionalProperties: false + type: object + properties: + $state: + additionalProperties: false + type: object + properties: + store: + description: >- + A filter can be either specific to an + application context or applied globally. + enum: + - appState + - globalState + type: string + required: + - store + meta: + additionalProperties: {} + type: object + query: + additionalProperties: {} + type: object + required: + - meta + type: array + kql: + description: >- + A filter written in Kibana Query Language + (KQL). + type: string + required: + - kql + - filters + timeframe: + additionalProperties: false + type: object + properties: + days: + description: >- + Defines the days of the week that the action + can run, represented as an array of numbers. + For example, `1` represents Monday. An empty + array is equivalent to specifying all the + days of the week. + items: + enum: + - 1 + - 2 + - 3 + - 4 + - 5 + - 6 + - 7 + type: integer + type: array + hours: + additionalProperties: false + type: object + properties: + end: + description: >- + The end of the time frame in 24-hour + notation (`hh:mm`). + type: string + start: + description: >- + The start of the time frame in 24-hour + notation (`hh:mm`). + type: string + required: + - start + - end + timezone: + description: >- + The ISO time zone for the `hours` values. + Values such as `UTC` and `UTC+1` also work + but lack built-in daylight savings time + support and are not recommended. + type: string + required: + - days + - hours + - timezone + connector_type_id: + description: >- + The type of connector. This property appears in + responses but cannot be set in requests. + type: string + frequency: + additionalProperties: false + type: object + properties: + notify_when: + description: >- + Indicates how often alerts generate actions. + Valid values include: `onActionGroupChange`: + Actions run when the alert status changes; + `onActiveAlert`: Actions run when the alert + becomes active and at each check interval while + the rule conditions are met; + `onThrottleInterval`: Actions run when the alert + becomes active and at the interval specified in + the throttle property while the rule conditions + are met. NOTE: You cannot specify `notify_when` + at both the rule and action level. The + recommended method is to set it for each action. + If you set it at the rule level then update the + rule in Kibana, it is automatically changed to + use action-specific values. + enum: + - onActionGroupChange + - onActiveAlert + - onThrottleInterval + type: string + summary: + description: Indicates whether the action is a summary. + type: boolean + throttle: + description: >- + The throttle interval, which defines how often + an alert generates repeated actions. It is + specified in seconds, minutes, hours, or days + and is applicable only if 'notify_when' is set + to 'onThrottleInterval'. NOTE: You cannot + specify the throttle interval at both the rule + and action level. The recommended method is to + set it for each action. If you set it at the + rule level then update the rule in Kibana, it is + automatically changed to use action-specific + values. + nullable: true + type: string + required: + - summary + - notify_when + - throttle + group: + description: >- + The group name, which affects when the action runs + (for example, when the threshold is met or when the + alert is recovered). Each rule type has a list of + valid action group names. If you don't need to group + actions, set to `default`. + type: string + id: + description: The identifier for the connector saved object. + type: string + params: + additionalProperties: {} + description: >- + The parameters for the action, which are sent to the + connector. The `params` are handled as Mustache + templates and passed a default set of context. + type: object + use_alert_data_for_template: + description: Indicates whether to use alert data as a template. + type: boolean + uuid: + description: >- + A universally unique identifier (UUID) for the + action. + type: string + required: + - id + - connector_type_id + - params + type: array + active_snoozes: + items: + description: List of active snoozes for the rule. + type: string + type: array + alert_delay: + additionalProperties: false + description: >- + Indicates that an alert occurs only when the specified + number of consecutive runs met the rule conditions. + type: object + properties: + active: + description: >- + The number of consecutive runs that must meet the rule + conditions. + type: number + required: + - active + api_key_created_by_user: + description: >- + Indicates whether the API key that is associated with the + rule was created by the user. + nullable: true + type: boolean + api_key_owner: + description: >- + The owner of the API key that is associated with the rule + and used to run background tasks. + nullable: true + type: string + consumer: + description: >- + The name of the application or feature that owns the rule. + For example: `alerts`, `apm`, `discover`, + `infrastructure`, `logs`, `metrics`, `ml`, `monitoring`, + `securitySolution`, `siem`, `stackAlerts`, or `uptime`. + type: string + created_at: + description: The date and time that the rule was created. + type: string + created_by: + description: The identifier for the user that created the rule. + nullable: true + type: string + enabled: + description: >- + Indicates whether you want to run the rule on an interval + basis after it is created. + type: boolean + execution_status: + additionalProperties: false + type: object + properties: + error: + additionalProperties: false + type: object + properties: + message: + description: Error message. + type: string + reason: + description: Reason for error. + enum: + - read + - decrypt + - execute + - unknown + - license + - timeout + - disabled + - validate + type: string + required: + - reason + - message + last_duration: + description: Duration of last execution of the rule. + type: number + last_execution_date: + description: The date and time when rule was executed last. + type: string + status: + description: Status of rule execution. + enum: + - ok + - active + - error + - warning + - pending + - unknown + type: string + warning: + additionalProperties: false + type: object + properties: + message: + description: Warning message. + type: string + reason: + description: Reason for warning. + enum: + - maxExecutableActions + - maxAlerts + - maxQueuedActions + - ruleExecution + type: string + required: + - reason + - message + required: + - status + - last_execution_date + id: + description: The identifier for the rule. + type: string + is_snoozed_until: + description: The date when the rule will no longer be snoozed. + nullable: true + type: string + last_run: + additionalProperties: false + nullable: true + type: object + properties: + alerts_count: + additionalProperties: false + type: object + properties: + active: + description: Number of active alerts during last run. + nullable: true + type: number + ignored: + description: Number of ignored alerts during last run. + nullable: true + type: number + new: + description: Number of new alerts during last run. + nullable: true + type: number + recovered: + description: Number of recovered alerts during last run. + nullable: true + type: number + outcome: + description: >- + Outcome of last run of the rule. Value could be + succeeded, warning or failed. + enum: + - succeeded + - warning + - failed + type: string + outcome_msg: + items: + description: Outcome message generated during last rule run. + type: string + nullable: true + type: array + outcome_order: + description: Order of the outcome. + type: number + warning: + description: Warning of last rule execution. + enum: + - read + - decrypt + - execute + - unknown + - license + - timeout + - disabled + - validate + - maxExecutableActions + - maxAlerts + - maxQueuedActions + - ruleExecution + nullable: true + type: string + required: + - outcome + - alerts_count + mapped_params: + additionalProperties: {} + type: object + monitoring: + additionalProperties: false + description: Monitoring details of the rule. + type: object + properties: + run: + additionalProperties: false + description: Rule run details. + type: object + properties: + calculated_metrics: + additionalProperties: false + description: >- + Calculation of different percentiles and success + ratio. + type: object + properties: + p50: + type: number + p95: + type: number + p99: + type: number + success_ratio: + type: number + required: + - success_ratio + history: + description: History of the rule run. + items: + additionalProperties: false + type: object + properties: + duration: + description: Duration of the rule run. + type: number + outcome: + additionalProperties: false + type: object + properties: + alerts_count: + additionalProperties: false + type: object + properties: + active: + description: Number of active alerts during last run. + nullable: true + type: number + ignored: + description: >- + Number of ignored alerts during last + run. + nullable: true + type: number + new: + description: Number of new alerts during last run. + nullable: true + type: number + recovered: + description: >- + Number of recovered alerts during last + run. + nullable: true + type: number + outcome: + description: >- + Outcome of last run of the rule. Value + could be succeeded, warning or failed. + enum: + - succeeded + - warning + - failed + type: string + outcome_msg: + items: + description: >- + Outcome message generated during last + rule run. + type: string + nullable: true + type: array + outcome_order: + description: Order of the outcome. + type: number + warning: + description: Warning of last rule execution. + enum: + - read + - decrypt + - execute + - unknown + - license + - timeout + - disabled + - validate + - maxExecutableActions + - maxAlerts + - maxQueuedActions + - ruleExecution + nullable: true + type: string + required: + - outcome + - alerts_count + success: + description: >- + Indicates whether the rule run was + successful. + type: boolean + timestamp: + description: Time of rule run. + type: number + required: + - success + - timestamp + type: array + last_run: + additionalProperties: false + type: object + properties: + metrics: + additionalProperties: false + type: object + properties: + duration: + description: Duration of most recent rule run. + type: number + gap_duration_s: + description: Duration in seconds of rule run gap. + nullable: true + type: number + total_alerts_created: + description: >- + Total number of alerts created during last + rule run. + nullable: true + type: number + total_alerts_detected: + description: >- + Total number of alerts detected during + last rule run. + nullable: true + type: number + total_indexing_duration_ms: + description: >- + Total time spent indexing documents during + last rule run in milliseconds. + nullable: true + type: number + total_search_duration_ms: + description: >- + Total time spent performing Elasticsearch + searches as measured by Kibana; includes + network latency and time spent serializing + or deserializing the request and response. + nullable: true + type: number + timestamp: + description: Time of the most recent rule run. + type: string + required: + - timestamp + - metrics + required: + - history + - calculated_metrics + - last_run + required: + - run + mute_all: + description: Indicates whether all alerts are muted. + type: boolean + muted_alert_ids: + items: + description: 'List of identifiers of muted alerts. ' + type: string + type: array + name: + description: ' The name of the rule.' + type: string + next_run: + description: Date and time of the next run of the rule. + nullable: true + type: string + notify_when: + description: >- + Indicates how often alerts generate actions. Valid values + include: `onActionGroupChange`: Actions run when the alert + status changes; `onActiveAlert`: Actions run when the + alert becomes active and at each check interval while the + rule conditions are met; `onThrottleInterval`: Actions run + when the alert becomes active and at the interval + specified in the throttle property while the rule + conditions are met. NOTE: You cannot specify `notify_when` + at both the rule and action level. The recommended method + is to set it for each action. If you set it at the rule + level then update the rule in Kibana, it is automatically + changed to use action-specific values. + enum: + - onActionGroupChange + - onActiveAlert + - onThrottleInterval + nullable: true + type: string + params: + additionalProperties: {} + description: The parameters for the rule. + type: object + revision: + description: The rule revision number. + type: number + rule_type_id: + description: The rule type identifier. + type: string + running: + description: Indicates whether the rule is running. + nullable: true + type: boolean + schedule: + additionalProperties: false + type: object + properties: + interval: + description: >- + The interval is specified in seconds, minutes, hours, + or days. + type: string + required: + - interval + scheduled_task_id: + description: Identifier of the scheduled task. + type: string + snooze_schedule: + items: + additionalProperties: false + type: object + properties: + duration: + description: Duration of the rule snooze schedule. + type: number + id: + description: Identifier of the rule snooze schedule. + type: string + rRule: + additionalProperties: false + type: object + properties: + byhour: + items: + description: Indicates hours of the day to recur. + type: number + type: array + byminute: + items: + description: Indicates minutes of the hour to recur. + type: number + type: array + bymonth: + items: + description: >- + Indicates months of the year that this rule + should recur. + type: number + type: array + bymonthday: + items: + description: Indicates the days of the month to recur. + type: number + type: array + bysecond: + items: + description: Indicates seconds of the day to recur. + type: number + type: array + bysetpos: + items: + description: >- + A positive or negative integer affecting the + nth day of the month. For example, -2 combined + with `byweekday` of FR is 2nd to last Friday + of the month. It is recommended to not set + this manually and just use `byweekday`. + type: number + type: array + byweekday: + items: + anyOf: + - type: string + - type: number + description: >- + Indicates the days of the week to recur or + else nth-day-of-month strings. For example, + "+2TU" second Tuesday of month, "-1FR" last + Friday of the month, which are internally + converted to a `byweekday/bysetpos` + combination. + type: array + byweekno: + items: + description: Indicates number of the week hours to recur. + type: number + type: array + byyearday: + items: + description: >- + Indicates the days of the year that this rule + should recur. + type: number + type: array + count: + description: >- + Number of times the rule should recur until it + stops. + type: number + dtstart: + description: >- + Rule start date in Coordinated Universal Time + (UTC). + type: string + freq: + description: >- + Indicates frequency of the rule. Options are + YEARLY, MONTHLY, WEEKLY, DAILY. + enum: + - 0 + - 1 + - 2 + - 3 + - 4 + - 5 + - 6 + type: integer + interval: + description: >- + Indicates the interval of frequency. For + example, 1 and YEARLY is every 1 year, 2 and + WEEKLY is every 2 weeks. + type: number + tzid: + description: Indicates timezone abbreviation. + type: string + until: + description: Recur the rule until this date. + type: string + wkst: + description: Indicates the start of week, defaults to Monday. + enum: + - MO + - TU + - WE + - TH + - FR + - SA + - SU + type: string + required: + - dtstart + - tzid + skipRecurrences: + items: + description: Skips recurrence of rule on this date. + type: string + type: array + required: + - duration + - rRule + type: array + tags: + items: + description: The tags for the rule. + type: string + type: array + throttle: + deprecated: true + description: >- + Deprecated in 8.13.0. Use the `throttle` property in the + action `frequency` object instead. The throttle interval, + which defines how often an alert generates repeated + actions. NOTE: You cannot specify the throttle interval at + both the rule and action level. If you set it at the rule + level then update the rule in Kibana, it is automatically + changed to use action-specific values. + nullable: true + type: string + updated_at: + description: The date and time that the rule was updated most recently. + type: string + updated_by: + description: >- + The identifier for the user that updated this rule most + recently. + nullable: true + type: string + view_in_app_relative_url: + description: Relative URL to view rule in the app. + nullable: true + type: string + required: + - id + - enabled + - name + - tags + - rule_type_id + - consumer + - schedule + - actions + - params + - created_by + - updated_by + - created_at + - updated_at + - api_key_owner + - mute_all + - muted_alert_ids + - execution_status + - revision + description: Indicates a successful call. + '400': + description: Indicates an invalid schema or parameters. + '403': + description: Indicates that this call is forbidden. + '404': + description: Indicates a rule with the given ID does not exist. + '409': + description: Indicates that the rule has already been updated by another user. + summary: Update a rule + tags: + - alerting + /api/alerting/rule/{id}/_disable: + post: + operationId: '%2Fapi%2Falerting%2Frule%2F%7Bid%7D%2F_disable#0' + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - description: A required header to protect against CSRF attacks + in: header + name: kbn-xsrf + required: true + schema: + example: 'true' + type: string + - description: The identifier for the rule. + in: path + name: id + required: true + schema: + type: string + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + nullable: true + type: object + properties: + untrack: + description: Defines whether this rule's alerts should be untracked. + type: boolean + x-oas-optional: true + responses: + '204': + description: Indicates a successful call. + '400': + description: Indicates an invalid schema. + '403': + description: Indicates that this call is forbidden. + '404': + description: Indicates a rule with the given ID does not exist. + summary: Disable a rule + tags: + - alerting + /api/alerting/rule/{id}/_enable: + post: + operationId: '%2Fapi%2Falerting%2Frule%2F%7Bid%7D%2F_enable#0' + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - description: A required header to protect against CSRF attacks + in: header + name: kbn-xsrf + required: true + schema: + example: 'true' + type: string + - description: The identifier for the rule. + in: path + name: id + required: true + schema: + type: string + responses: + '204': + description: Indicates a successful call. + '400': + description: Indicates an invalid schema or parameters. + '403': + description: Indicates that this call is forbidden. + '404': + description: Indicates a rule with the given ID does not exist. + summary: Enable a rule + tags: + - alerting + /api/alerting/rule/{id}/_mute_all: + post: + operationId: '%2Fapi%2Falerting%2Frule%2F%7Bid%7D%2F_mute_all#0' + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - description: A required header to protect against CSRF attacks + in: header + name: kbn-xsrf + required: true + schema: + example: 'true' + type: string + - description: The identifier for the rule. + in: path + name: id + required: true + schema: + type: string + responses: + '204': + description: Indicates a successful call. + summary: Mute all alerts + tags: + - alerting + /api/alerting/rule/{id}/_unmute_all: + post: + operationId: '%2Fapi%2Falerting%2Frule%2F%7Bid%7D%2F_unmute_all#0' + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - description: A required header to protect against CSRF attacks + in: header + name: kbn-xsrf + required: true + schema: + example: 'true' + type: string + - description: The identifier for the rule. + in: path + name: id + required: true + schema: + type: string + responses: + '204': + description: Indicates a successful call. + summary: Unmute all alerts + tags: + - alerting + /api/alerting/rule/{id}/_update_api_key: + post: + operationId: '%2Fapi%2Falerting%2Frule%2F%7Bid%7D%2F_update_api_key#0' + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - description: A required header to protect against CSRF attacks + in: header + name: kbn-xsrf + required: true + schema: + example: 'true' + type: string + - description: The identifier for the rule. + in: path + name: id + required: true + schema: + type: string + responses: + '204': + description: Indicates a successful call. + '400': + description: Indicates an invalid schema or parameters. + '403': + description: Indicates that this call is forbidden. + '404': + description: Indicates a rule with the given ID does not exist. + '409': + description: Indicates that the rule has already been updated by another user. + summary: Update the API key for a rule + tags: + - alerting + /api/alerting/rule/{rule_id}/alert/{alert_id}/_mute: + post: + operationId: >- + %2Fapi%2Falerting%2Frule%2F%7Brule_id%7D%2Falert%2F%7Balert_id%7D%2F_mute#0 + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - description: A required header to protect against CSRF attacks + in: header + name: kbn-xsrf + required: true + schema: + example: 'true' + type: string + - description: The identifier for the rule. + in: path + name: rule_id + required: true + schema: + type: string + - description: The identifier for the alert. + in: path + name: alert_id + required: true + schema: + type: string + responses: + '204': + description: Indicates a successful call. + '400': + description: Indicates an invalid schema or parameters. + '403': + description: Indicates that this call is forbidden. + '404': + description: Indicates a rule or alert with the given ID does not exist. + summary: Mute an alert + tags: + - alerting + /api/alerting/rule/{rule_id}/alert/{alert_id}/_unmute: + post: + operationId: >- + %2Fapi%2Falerting%2Frule%2F%7Brule_id%7D%2Falert%2F%7Balert_id%7D%2F_unmute#0 + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - description: A required header to protect against CSRF attacks + in: header + name: kbn-xsrf + required: true + schema: + example: 'true' + type: string + - description: The identifier for the rule. + in: path + name: rule_id + required: true + schema: + type: string + - description: The identifier for the alert. + in: path + name: alert_id + required: true + schema: + type: string + responses: + '204': + description: Indicates a successful call. + '400': + description: Indicates an invalid schema or parameters. + '403': + description: Indicates that this call is forbidden. + '404': + description: Indicates a rule or alert with the given ID does not exist. + summary: Unmute an alert + tags: + - alerting + /api/alerting/rules/_find: + get: + operationId: '%2Fapi%2Falerting%2Frules%2F_find#0' + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - description: The number of rules to return per page. + in: query + name: per_page + required: false + schema: + default: 10 + minimum: 0 + type: number + - description: The page number to return. + in: query + name: page + required: false + schema: + default: 1 + minimum: 1 + type: number + - description: >- + An Elasticsearch simple_query_string query that filters the objects + in the response. + in: query + name: search + required: false + schema: + type: string + - description: The default operator to use for the simple_query_string. + in: query + name: default_search_operator + required: false + schema: + default: OR + enum: + - OR + - AND + type: string + - description: The fields to perform the simple_query_string parsed query against. + in: query + name: search_fields + required: false + schema: + anyOf: + - items: + type: string + type: array + - type: string + - description: >- + Determines which field is used to sort the results. The field must + exist in the `attributes` key of the response. + in: query + name: sort_field + required: false + schema: + type: string + - description: Determines the sort order. + in: query + name: sort_order + required: false + schema: + enum: + - asc + - desc + type: string + - description: >- + Filters the rules that have a relation with the reference objects + with a specific type and identifier. + in: query + name: has_reference + required: false + schema: + additionalProperties: false + nullable: true + type: object + properties: + id: + type: string + type: + type: string + required: + - type + - id + - in: query + name: fields + required: false + schema: + items: + description: The fields to return in the `attributes` key of the response. + type: string + type: array + - description: >- + A KQL string that you filter with an attribute from your saved + object. It should look like `savedObjectType.attributes.title: + "myTitle"`. However, if you used a direct attribute of a saved + object, such as `updatedAt`, you must define your filter, for + example, `savedObjectType.updatedAt > 2018-12-22`. + in: query + name: filter + required: false + schema: + type: string + - in: query + name: filter_consumers + required: false + schema: + items: + description: List of consumers to filter. + type: string + type: array + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + type: object + properties: + actions: + items: + additionalProperties: false + type: object + properties: + alerts_filter: + additionalProperties: false + description: >- + Defines a period that limits whether the action + runs. + type: object + properties: + query: + additionalProperties: false + type: object + properties: + dsl: + description: >- + A filter written in Elasticsearch Query + Domain Specific Language (DSL). + type: string + filters: + description: >- + A filter written in Elasticsearch Query + Domain Specific Language (DSL) as defined in + the `kbn-es-query` package. + items: + additionalProperties: false + type: object + properties: + $state: + additionalProperties: false + type: object + properties: + store: + description: >- + A filter can be either specific to an + application context or applied globally. + enum: + - appState + - globalState + type: string + required: + - store + meta: + additionalProperties: {} + type: object + query: + additionalProperties: {} + type: object + required: + - meta + type: array + kql: + description: >- + A filter written in Kibana Query Language + (KQL). + type: string + required: + - kql + - filters + timeframe: + additionalProperties: false + type: object + properties: + days: + description: >- + Defines the days of the week that the action + can run, represented as an array of numbers. + For example, `1` represents Monday. An empty + array is equivalent to specifying all the + days of the week. + items: + enum: + - 1 + - 2 + - 3 + - 4 + - 5 + - 6 + - 7 + type: integer + type: array + hours: + additionalProperties: false + type: object + properties: + end: + description: >- + The end of the time frame in 24-hour + notation (`hh:mm`). + type: string + start: + description: >- + The start of the time frame in 24-hour + notation (`hh:mm`). + type: string + required: + - start + - end + timezone: + description: >- + The ISO time zone for the `hours` values. + Values such as `UTC` and `UTC+1` also work + but lack built-in daylight savings time + support and are not recommended. + type: string + required: + - days + - hours + - timezone + connector_type_id: + description: >- + The type of connector. This property appears in + responses but cannot be set in requests. + type: string + frequency: + additionalProperties: false + type: object + properties: + notify_when: + description: >- + Indicates how often alerts generate actions. + Valid values include: `onActionGroupChange`: + Actions run when the alert status changes; + `onActiveAlert`: Actions run when the alert + becomes active and at each check interval while + the rule conditions are met; + `onThrottleInterval`: Actions run when the alert + becomes active and at the interval specified in + the throttle property while the rule conditions + are met. NOTE: You cannot specify `notify_when` + at both the rule and action level. The + recommended method is to set it for each action. + If you set it at the rule level then update the + rule in Kibana, it is automatically changed to + use action-specific values. + enum: + - onActionGroupChange + - onActiveAlert + - onThrottleInterval + type: string + summary: + description: Indicates whether the action is a summary. + type: boolean + throttle: + description: >- + The throttle interval, which defines how often + an alert generates repeated actions. It is + specified in seconds, minutes, hours, or days + and is applicable only if 'notify_when' is set + to 'onThrottleInterval'. NOTE: You cannot + specify the throttle interval at both the rule + and action level. The recommended method is to + set it for each action. If you set it at the + rule level then update the rule in Kibana, it is + automatically changed to use action-specific + values. + nullable: true + type: string + required: + - summary + - notify_when + - throttle + group: + description: >- + The group name, which affects when the action runs + (for example, when the threshold is met or when the + alert is recovered). Each rule type has a list of + valid action group names. If you don't need to group + actions, set to `default`. + type: string + id: + description: The identifier for the connector saved object. + type: string + params: + additionalProperties: {} + description: >- + The parameters for the action, which are sent to the + connector. The `params` are handled as Mustache + templates and passed a default set of context. + type: object + use_alert_data_for_template: + description: Indicates whether to use alert data as a template. + type: boolean + uuid: + description: >- + A universally unique identifier (UUID) for the + action. + type: string + required: + - id + - connector_type_id + - params + type: array + active_snoozes: + items: + description: List of active snoozes for the rule. + type: string + type: array + alert_delay: + additionalProperties: false + description: >- + Indicates that an alert occurs only when the specified + number of consecutive runs met the rule conditions. + type: object + properties: + active: + description: >- + The number of consecutive runs that must meet the rule + conditions. + type: number + required: + - active + api_key_created_by_user: + description: >- + Indicates whether the API key that is associated with the + rule was created by the user. + nullable: true + type: boolean + api_key_owner: + description: >- + The owner of the API key that is associated with the rule + and used to run background tasks. + nullable: true + type: string + consumer: + description: >- + The name of the application or feature that owns the rule. + For example: `alerts`, `apm`, `discover`, + `infrastructure`, `logs`, `metrics`, `ml`, `monitoring`, + `securitySolution`, `siem`, `stackAlerts`, or `uptime`. + type: string + created_at: + description: The date and time that the rule was created. + type: string + created_by: + description: The identifier for the user that created the rule. + nullable: true + type: string + enabled: + description: >- + Indicates whether you want to run the rule on an interval + basis after it is created. + type: boolean + execution_status: + additionalProperties: false + type: object + properties: + error: + additionalProperties: false + type: object + properties: + message: + description: Error message. + type: string + reason: + description: Reason for error. + enum: + - read + - decrypt + - execute + - unknown + - license + - timeout + - disabled + - validate + type: string + required: + - reason + - message + last_duration: + description: Duration of last execution of the rule. + type: number + last_execution_date: + description: The date and time when rule was executed last. + type: string + status: + description: Status of rule execution. + enum: + - ok + - active + - error + - warning + - pending + - unknown + type: string + warning: + additionalProperties: false + type: object + properties: + message: + description: Warning message. + type: string + reason: + description: Reason for warning. + enum: + - maxExecutableActions + - maxAlerts + - maxQueuedActions + - ruleExecution + type: string + required: + - reason + - message + required: + - status + - last_execution_date + id: + description: The identifier for the rule. + type: string + is_snoozed_until: + description: The date when the rule will no longer be snoozed. + nullable: true + type: string + last_run: + additionalProperties: false + nullable: true + type: object + properties: + alerts_count: + additionalProperties: false + type: object + properties: + active: + description: Number of active alerts during last run. + nullable: true + type: number + ignored: + description: Number of ignored alerts during last run. + nullable: true + type: number + new: + description: Number of new alerts during last run. + nullable: true + type: number + recovered: + description: Number of recovered alerts during last run. + nullable: true + type: number + outcome: + description: >- + Outcome of last run of the rule. Value could be + succeeded, warning or failed. + enum: + - succeeded + - warning + - failed + type: string + outcome_msg: + items: + description: Outcome message generated during last rule run. + type: string + nullable: true + type: array + outcome_order: + description: Order of the outcome. + type: number + warning: + description: Warning of last rule execution. + enum: + - read + - decrypt + - execute + - unknown + - license + - timeout + - disabled + - validate + - maxExecutableActions + - maxAlerts + - maxQueuedActions + - ruleExecution + nullable: true + type: string + required: + - outcome + - alerts_count + mapped_params: + additionalProperties: {} + type: object + monitoring: + additionalProperties: false + description: Monitoring details of the rule. + type: object + properties: + run: + additionalProperties: false + description: Rule run details. + type: object + properties: + calculated_metrics: + additionalProperties: false + description: >- + Calculation of different percentiles and success + ratio. + type: object + properties: + p50: + type: number + p95: + type: number + p99: + type: number + success_ratio: + type: number + required: + - success_ratio + history: + description: History of the rule run. + items: + additionalProperties: false + type: object + properties: + duration: + description: Duration of the rule run. + type: number + outcome: + additionalProperties: false + type: object + properties: + alerts_count: + additionalProperties: false + type: object + properties: + active: + description: Number of active alerts during last run. + nullable: true + type: number + ignored: + description: >- + Number of ignored alerts during last + run. + nullable: true + type: number + new: + description: Number of new alerts during last run. + nullable: true + type: number + recovered: + description: >- + Number of recovered alerts during last + run. + nullable: true + type: number + outcome: + description: >- + Outcome of last run of the rule. Value + could be succeeded, warning or failed. + enum: + - succeeded + - warning + - failed + type: string + outcome_msg: + items: + description: >- + Outcome message generated during last + rule run. + type: string + nullable: true + type: array + outcome_order: + description: Order of the outcome. + type: number + warning: + description: Warning of last rule execution. + enum: + - read + - decrypt + - execute + - unknown + - license + - timeout + - disabled + - validate + - maxExecutableActions + - maxAlerts + - maxQueuedActions + - ruleExecution + nullable: true + type: string + required: + - outcome + - alerts_count + success: + description: >- + Indicates whether the rule run was + successful. + type: boolean + timestamp: + description: Time of rule run. + type: number + required: + - success + - timestamp + type: array + last_run: + additionalProperties: false + type: object + properties: + metrics: + additionalProperties: false + type: object + properties: + duration: + description: Duration of most recent rule run. + type: number + gap_duration_s: + description: Duration in seconds of rule run gap. + nullable: true + type: number + total_alerts_created: + description: >- + Total number of alerts created during last + rule run. + nullable: true + type: number + total_alerts_detected: + description: >- + Total number of alerts detected during + last rule run. + nullable: true + type: number + total_indexing_duration_ms: + description: >- + Total time spent indexing documents during + last rule run in milliseconds. + nullable: true + type: number + total_search_duration_ms: + description: >- + Total time spent performing Elasticsearch + searches as measured by Kibana; includes + network latency and time spent serializing + or deserializing the request and response. + nullable: true + type: number + timestamp: + description: Time of the most recent rule run. + type: string + required: + - timestamp + - metrics + required: + - history + - calculated_metrics + - last_run + required: + - run + mute_all: + description: Indicates whether all alerts are muted. + type: boolean + muted_alert_ids: + items: + description: 'List of identifiers of muted alerts. ' + type: string + type: array + name: + description: ' The name of the rule.' + type: string + next_run: + description: Date and time of the next run of the rule. + nullable: true + type: string + notify_when: + description: >- + Indicates how often alerts generate actions. Valid values + include: `onActionGroupChange`: Actions run when the alert + status changes; `onActiveAlert`: Actions run when the + alert becomes active and at each check interval while the + rule conditions are met; `onThrottleInterval`: Actions run + when the alert becomes active and at the interval + specified in the throttle property while the rule + conditions are met. NOTE: You cannot specify `notify_when` + at both the rule and action level. The recommended method + is to set it for each action. If you set it at the rule + level then update the rule in Kibana, it is automatically + changed to use action-specific values. + enum: + - onActionGroupChange + - onActiveAlert + - onThrottleInterval + nullable: true + type: string + params: + additionalProperties: {} + description: The parameters for the rule. + type: object + revision: + description: The rule revision number. + type: number + rule_type_id: + description: The rule type identifier. + type: string + running: + description: Indicates whether the rule is running. + nullable: true + type: boolean + schedule: + additionalProperties: false + type: object + properties: + interval: + description: >- + The interval is specified in seconds, minutes, hours, + or days. + type: string + required: + - interval + scheduled_task_id: + description: Identifier of the scheduled task. + type: string + snooze_schedule: + items: + additionalProperties: false + type: object + properties: + duration: + description: Duration of the rule snooze schedule. + type: number + id: + description: Identifier of the rule snooze schedule. + type: string + rRule: + additionalProperties: false + type: object + properties: + byhour: + items: + description: Indicates hours of the day to recur. + type: number + type: array + byminute: + items: + description: Indicates minutes of the hour to recur. + type: number + type: array + bymonth: + items: + description: >- + Indicates months of the year that this rule + should recur. + type: number + type: array + bymonthday: + items: + description: Indicates the days of the month to recur. + type: number + type: array + bysecond: + items: + description: Indicates seconds of the day to recur. + type: number + type: array + bysetpos: + items: + description: >- + A positive or negative integer affecting the + nth day of the month. For example, -2 combined + with `byweekday` of FR is 2nd to last Friday + of the month. It is recommended to not set + this manually and just use `byweekday`. + type: number + type: array + byweekday: + items: + anyOf: + - type: string + - type: number + description: >- + Indicates the days of the week to recur or + else nth-day-of-month strings. For example, + "+2TU" second Tuesday of month, "-1FR" last + Friday of the month, which are internally + converted to a `byweekday/bysetpos` + combination. + type: array + byweekno: + items: + description: Indicates number of the week hours to recur. + type: number + type: array + byyearday: + items: + description: >- + Indicates the days of the year that this rule + should recur. + type: number + type: array + count: + description: >- + Number of times the rule should recur until it + stops. + type: number + dtstart: + description: >- + Rule start date in Coordinated Universal Time + (UTC). + type: string + freq: + description: >- + Indicates frequency of the rule. Options are + YEARLY, MONTHLY, WEEKLY, DAILY. + enum: + - 0 + - 1 + - 2 + - 3 + - 4 + - 5 + - 6 + type: integer + interval: + description: >- + Indicates the interval of frequency. For + example, 1 and YEARLY is every 1 year, 2 and + WEEKLY is every 2 weeks. + type: number + tzid: + description: Indicates timezone abbreviation. + type: string + until: + description: Recur the rule until this date. + type: string + wkst: + description: Indicates the start of week, defaults to Monday. + enum: + - MO + - TU + - WE + - TH + - FR + - SA + - SU + type: string + required: + - dtstart + - tzid + skipRecurrences: + items: + description: Skips recurrence of rule on this date. + type: string + type: array + required: + - duration + - rRule + type: array + tags: + items: + description: The tags for the rule. + type: string + type: array + throttle: + deprecated: true + description: >- + Deprecated in 8.13.0. Use the `throttle` property in the + action `frequency` object instead. The throttle interval, + which defines how often an alert generates repeated + actions. NOTE: You cannot specify the throttle interval at + both the rule and action level. If you set it at the rule + level then update the rule in Kibana, it is automatically + changed to use action-specific values. + nullable: true + type: string + updated_at: + description: The date and time that the rule was updated most recently. + type: string + updated_by: + description: >- + The identifier for the user that updated this rule most + recently. + nullable: true + type: string + view_in_app_relative_url: + description: Relative URL to view rule in the app. + nullable: true + type: string + required: + - id + - enabled + - name + - tags + - rule_type_id + - consumer + - schedule + - actions + - params + - created_by + - updated_by + - created_at + - updated_at + - api_key_owner + - mute_all + - muted_alert_ids + - execution_status + - revision + description: Indicates a successful call. + '400': + description: Indicates an invalid schema or parameters. + '403': + description: Indicates that this call is forbidden. + summary: Get information about rules + tags: + - alerting + /api/apm/agent_keys: + post: + description: Create a new agent key for APM. + operationId: createAgentKey + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + name: + type: string + privileges: + items: + enum: + - event:write + - config_agent:read + type: string + type: array + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + api_key: + type: string + encoded: + type: string + expiration: + format: int64 + type: integer + id: + type: string + name: + type: string + description: Agent key created successfully + summary: Create an APM agent key + tags: + - APM agent keys + /api/apm/services/{serviceName}/annotation: + post: + description: Create a new annotation for a specific service. + operationId: createAnnotation + parameters: + - description: The name of the service + in: path + name: serviceName + required: true + schema: + type: string + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + '@timestamp': + type: string + message: + type: string + service: + type: object + properties: + environment: + type: string + version: + type: string + tags: + items: + type: string + type: array + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + _id: + type: string + _index: + type: string + _source: + type: object + properties: + '@timestamp': + type: string + annotation: + type: string + event: + type: object + properties: + created: + type: string + message: + type: string + service: + type: object + properties: + environment: + type: string + name: + type: string + version: + type: string + tags: + items: + type: string + type: array + description: Annotation created successfully + summary: Create a service annotation + tags: + - APM annotations + /api/apm/services/{serviceName}/annotation/search: + get: + description: Search for annotations related to a specific service. + operationId: getAnnotation + parameters: + - description: The name of the service + in: path + name: serviceName + required: true + schema: + type: string + - description: The environment to filter annotations by + in: query + name: environment + required: false + schema: + type: string + - description: The start date for the search + in: query + name: start + required: false + schema: + type: string + - description: The end date for the search + in: query + name: end + required: false + schema: + type: string + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + annotations: + items: + type: object + properties: + '@timestamp': + type: number + id: + type: string + text: + type: string + type: + enum: + - version + type: string + type: array + description: Successful response + summary: Search for annotations + tags: + - APM annotations + /api/asset_criticality: + delete: + description: Delete the asset criticality record for a specific entity. + operationId: DeleteAssetCriticalityRecord + parameters: + - description: The ID value of the asset. + in: query + name: id_value + required: true + schema: + type: string + - description: The field representing the ID. + example: host.name + in: query + name: id_field + required: true + schema: + $ref: >- + #/components/schemas/Security_Solution_Entity_Analytics_API_IdField + - description: If 'wait_for' the request will wait for the index refresh. + in: query + name: refresh + required: false + schema: + enum: + - wait_for + type: string + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + deleted: + description: >- + True if the record was deleted or false if the record did + not exist. + type: boolean + record: + $ref: >- + #/components/schemas/Security_Solution_Entity_Analytics_API_AssetCriticalityRecord + description: The deleted record if it existed. + required: + - deleted + description: Successful response + '400': + description: Invalid request + summary: Delete an asset criticality record + tags: + - Security Solution Entity Analytics API + get: + description: Get the asset criticality record for a specific entity. + operationId: GetAssetCriticalityRecord + parameters: + - description: The ID value of the asset. + in: query + name: id_value + required: true + schema: + type: string + - description: The field representing the ID. + example: host.name + in: query + name: id_field + required: true + schema: + $ref: >- + #/components/schemas/Security_Solution_Entity_Analytics_API_IdField + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Entity_Analytics_API_AssetCriticalityRecord + description: Successful response + '400': + description: Invalid request + '404': + description: Criticality record not found + summary: Get an asset criticality record + tags: + - Security Solution Entity Analytics API + post: + description: > + Create or update an asset criticality record for a specific entity. + + + If a record already exists for the specified entity, that record is + overwritten with the specified value. If a record doesn't exist for the + specified entity, a new record is created. + operationId: CreateAssetCriticalityRecord + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + allOf: + - $ref: >- + #/components/schemas/Security_Solution_Entity_Analytics_API_CreateAssetCriticalityRecord + - type: object + properties: + refresh: + description: >- + If 'wait_for' the request will wait for the index + refresh. + enum: + - wait_for + type: string + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Entity_Analytics_API_AssetCriticalityRecord + description: Successful response + '400': + description: Invalid request + summary: Upsert an asset criticality record + tags: + - Security Solution Entity Analytics API + /api/asset_criticality/bulk: + post: + description: > + Bulk upsert up to 1000 asset criticality records. + + + If asset criticality records already exist for the specified entities, + those records are overwritten with the specified values. If asset + criticality records don't exist for the specified entities, new records + are created. + operationId: BulkUpsertAssetCriticalityRecords + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + example: + records: + - criticality_level: low_impact + id_field: host.name + id_value: host-1 + - criticality_level: medium_impact + id_field: host.name + id_value: host-2 + type: object + properties: + records: + items: + $ref: >- + #/components/schemas/Security_Solution_Entity_Analytics_API_CreateAssetCriticalityRecord + maxItems: 1000 + minItems: 1 + type: array + required: + - records + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + example: + errors: + - index: 0 + message: Invalid ID field + stats: + failed: 1 + successful: 1 + total: 2 + type: object + properties: + errors: + items: + $ref: >- + #/components/schemas/Security_Solution_Entity_Analytics_API_AssetCriticalityBulkUploadErrorItem + type: array + stats: + $ref: >- + #/components/schemas/Security_Solution_Entity_Analytics_API_AssetCriticalityBulkUploadStats + required: + - errors + - stats + description: Bulk upload successful + '413': + description: File too large + summary: Bulk upsert asset criticality records + tags: + - Security Solution Entity Analytics API + /api/asset_criticality/list: + get: + description: List asset criticality records, paging, sorting and filtering as needed. + operationId: FindAssetCriticalityRecords + parameters: + - description: The field to sort by. + in: query + name: sort_field + required: false + schema: + enum: + - id_value + - id_field + - criticality_level + - \@timestamp + type: string + - description: The order to sort by. + in: query + name: sort_direction + required: false + schema: + enum: + - asc + - desc + type: string + - description: The page number to return. + in: query + name: page + required: false + schema: + minimum: 1 + type: integer + - description: The number of records to return per page. + in: query + name: per_page + required: false + schema: + maximum: 1000 + minimum: 1 + type: integer + - description: The kuery to filter by. + in: query + name: kuery + required: false + schema: + type: string + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + page: + minimum: 1 + type: integer + per_page: + maximum: 1000 + minimum: 1 + type: integer + records: + items: + $ref: >- + #/components/schemas/Security_Solution_Entity_Analytics_API_AssetCriticalityRecord + type: array + total: + minimum: 0 + type: integer + required: + - records + - page + - per_page + - total + description: Bulk upload successful + summary: List asset criticality records + tags: + - Security Solution Entity Analytics API + /api/data_views: + get: + operationId: getAllDataViewsDefault + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + examples: + getAllDataViewsResponse: + $ref: '#/components/examples/Data_views_get_data_views_response' + schema: + type: object + properties: + data_view: + items: + type: object + properties: + id: + type: string + name: + type: string + namespaces: + items: + type: string + type: array + title: + type: string + typeMeta: + type: object + type: array + description: Indicates a successful call. + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Data_views_400_response' + description: Bad request + summary: Get all data views + tags: + - data views + /api/data_views/data_view: + post: + operationId: createDataViewDefaultw + parameters: + - $ref: '#/components/parameters/Data_views_kbn_xsrf' + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + examples: + createDataViewRequest: + $ref: '#/components/examples/Data_views_create_data_view_request' + schema: + $ref: '#/components/schemas/Data_views_create_data_view_request_object' + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Data_views_data_view_response_object' + description: Indicates a successful call. + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Data_views_400_response' + description: Bad request + summary: Create a data view + tags: + - data views + /api/data_views/data_view/{viewId}: + delete: + description: | + WARNING: When you delete a data view, it cannot be recovered. + operationId: deleteDataViewDefault + parameters: + - $ref: '#/components/parameters/Data_views_kbn_xsrf' + - $ref: '#/components/parameters/Data_views_view_id' + responses: + '204': + description: Indicates a successful call. + '404': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Data_views_404_response' + description: Object is not found. + summary: Delete a data view + tags: + - data views + get: + operationId: getDataViewDefault + parameters: + - $ref: '#/components/parameters/Data_views_view_id' + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + examples: + getDataViewResponse: + $ref: '#/components/examples/Data_views_get_data_view_response' + schema: + $ref: '#/components/schemas/Data_views_data_view_response_object' + description: Indicates a successful call. + '404': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Data_views_404_response' + description: Object is not found. + summary: Get a data view + tags: + - data views + post: + operationId: updateDataViewDefault + parameters: + - $ref: '#/components/parameters/Data_views_kbn_xsrf' + - $ref: '#/components/parameters/Data_views_view_id' + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + examples: + updateDataViewRequest: + $ref: '#/components/examples/Data_views_update_data_view_request' + schema: + $ref: '#/components/schemas/Data_views_update_data_view_request_object' + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Data_views_data_view_response_object' + description: Indicates a successful call. + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Data_views_400_response' + description: Bad request + summary: Update a data view + tags: + - data views + /api/data_views/data_view/{viewId}/fields: + post: + description: > + Update fields presentation metadata such as count, customLabel, + customDescription, and format. + operationId: updateFieldsMetadataDefault + parameters: + - $ref: '#/components/parameters/Data_views_kbn_xsrf' + - $ref: '#/components/parameters/Data_views_view_id' + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + examples: + updateFieldsMetadataRequest: + $ref: '#/components/examples/Data_views_update_field_metadata_request' + schema: + type: object + properties: + fields: + description: The field object. + type: object + required: + - fields + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + acknowledged: + type: boolean + description: Indicates a successful call. + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Data_views_400_response' + description: Bad request + summary: Update data view fields metadata + tags: + - data views + /api/data_views/data_view/{viewId}/runtime_field: + post: + operationId: createRuntimeFieldDefault + parameters: + - $ref: '#/components/parameters/Data_views_kbn_xsrf' + - $ref: '#/components/parameters/Data_views_view_id' + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + examples: + createRuntimeFieldRequest: + $ref: '#/components/examples/Data_views_create_runtime_field_request' + schema: + type: object + properties: + name: + description: | + The name for a runtime field. + type: string + runtimeField: + description: | + The runtime field definition object. + type: object + required: + - name + - runtimeField + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + description: Indicates a successful call. + summary: Create a runtime field + tags: + - data views + put: + operationId: createUpdateRuntimeFieldDefault + parameters: + - $ref: '#/components/parameters/Data_views_kbn_xsrf' + - description: | + The ID of the data view fields you want to update. + in: path + name: viewId + required: true + schema: + type: string + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + examples: + updateRuntimeFieldRequest: + $ref: '#/components/examples/Data_views_create_runtime_field_request' + schema: + type: object + properties: + name: + description: | + The name for a runtime field. + type: string + runtimeField: + description: | + The runtime field definition object. + type: object + required: + - name + - runtimeField + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + data_view: + type: object + fields: + items: + type: object + type: array + description: Indicates a successful call. + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Data_views_400_response' + description: Bad request + summary: Create or update a runtime field + tags: + - data views + /api/data_views/data_view/{viewId}/runtime_field/{fieldName}: + delete: + operationId: deleteRuntimeFieldDefault + parameters: + - $ref: '#/components/parameters/Data_views_field_name' + - $ref: '#/components/parameters/Data_views_view_id' + responses: + '200': + description: Indicates a successful call. + '404': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Data_views_404_response' + description: Object is not found. + summary: Delete a runtime field from a data view + tags: + - data views + get: + operationId: getRuntimeFieldDefault + parameters: + - $ref: '#/components/parameters/Data_views_field_name' + - $ref: '#/components/parameters/Data_views_view_id' + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + examples: + getRuntimeFieldResponse: + $ref: '#/components/examples/Data_views_get_runtime_field_response' + schema: + type: object + properties: + data_view: + type: object + fields: + items: + type: object + type: array + description: Indicates a successful call. + '404': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Data_views_404_response' + description: Object is not found. + summary: Get a runtime field + tags: + - data views + post: + operationId: updateRuntimeFieldDefault + parameters: + - $ref: '#/components/parameters/Data_views_field_name' + - $ref: '#/components/parameters/Data_views_view_id' + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + examples: + updateRuntimeFieldRequest: + $ref: '#/components/examples/Data_views_update_runtime_field_request' + schema: + type: object + properties: + runtimeField: + description: | + The runtime field definition object. + + You can update following fields: + + - `type` + - `script` + type: object + required: + - runtimeField + required: true + responses: + '200': + description: Indicates a successful call. + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Data_views_400_response' + description: Bad request + summary: Update a runtime field + tags: + - data views + /api/data_views/default: + get: + operationId: getDefaultDataViewDefault + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + examples: + getDefaultDataViewResponse: + $ref: >- + #/components/examples/Data_views_get_default_data_view_response + schema: + type: object + properties: + data_view_id: + type: string + description: Indicates a successful call. + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Data_views_400_response' + description: Bad request + summary: Get the default data view + tags: + - data views + post: + operationId: setDefaultDatailViewDefault + parameters: + - $ref: '#/components/parameters/Data_views_kbn_xsrf' + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + examples: + setDefaultDataViewRequest: + $ref: '#/components/examples/Data_views_set_default_data_view_request' + schema: + type: object + properties: + data_view_id: + description: > + The data view identifier. NOTE: The API does not validate + whether it is a valid identifier. Use `null` to unset the + default data view. + nullable: true + type: string + force: + default: false + description: Update an existing default data view identifier. + type: boolean + required: + - data_view_id + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + acknowledged: + type: boolean + description: Indicates a successful call. + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Data_views_400_response' + description: Bad request + summary: Set the default data view + tags: + - data views + /api/data_views/swap_references: + post: + description: > + Changes saved object references from one data view identifier to + another. WARNING: Misuse can break large numbers of saved objects! + Practicing with a backup is recommended. + operationId: swapDataViewsDefault + parameters: + - $ref: '#/components/parameters/Data_views_kbn_xsrf' + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + examples: + swapDataViewRequest: + $ref: '#/components/examples/Data_views_swap_data_view_request' + schema: + $ref: '#/components/schemas/Data_views_swap_data_view_request_object' + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + deleteStatus: + type: object + properties: + deletePerformed: + type: boolean + remainingRefs: + type: integer + result: + items: + type: object + properties: + id: + description: A saved object identifier. + type: string + type: + description: The saved object type. + type: string + type: array + description: Indicates a successful call. + summary: Swap saved object references + tags: + - data views + /api/data_views/swap_references/_preview: + post: + description: > + Preview the impact of swapping saved object references from one data + view identifier to another. + operationId: previewSwapDataViewsDefault + parameters: + - $ref: '#/components/parameters/Data_views_kbn_xsrf' + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + examples: + previewSwapDataViewRequest: + $ref: >- + #/components/examples/Data_views_preview_swap_data_view_request + schema: + $ref: '#/components/schemas/Data_views_swap_data_view_request_object' + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + result: + items: + type: object + properties: + id: + description: A saved object identifier. + type: string + type: + description: The saved object type. + type: string + type: array + description: Indicates a successful call. + summary: Preview a saved object reference swap + tags: + - data views + /api/detection_engine/privileges: + get: + description: > + Retrieves whether or not the user is authenticated, and the user's + Kibana + + space and index privileges, which determine if the user can create an + + index for the Elastic Security alerts generated by + + detection engine rules. + operationId: ReadPrivileges + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + has_encryption_key: + type: boolean + is_authenticated: + type: boolean + required: + - is_authenticated + - has_encryption_key + description: Successful response + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_PlatformErrorResponse + description: Unsuccessful authentication response + '500': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SiemErrorResponse + description: Internal server error response + summary: Returns user privileges for the Kibana space + tags: + - Security Solution Detections API + - Privileges API + /api/detection_engine/rules: + delete: + description: Delete a detection rule using the `rule_id` or `id` field. + operationId: DeleteRule + parameters: + - description: The rule's `id` value. + in: query + name: id + required: false + schema: + $ref: '#/components/schemas/Security_Solution_Detections_API_RuleObjectId' + - description: The rule's `rule_id` value. + in: query + name: rule_id + required: false + schema: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleSignatureId + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleResponse + description: Indicates a successful call. + summary: Delete a detection rule + tags: + - Security Solution Detections API + - Rules API + get: + description: Retrieve a detection rule using the `rule_id` or `id` field. + operationId: ReadRule + parameters: + - description: The rule's `id` value. + in: query + name: id + required: false + schema: + $ref: '#/components/schemas/Security_Solution_Detections_API_RuleObjectId' + - description: The rule's `rule_id` value. + in: query + name: rule_id + required: false + schema: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleSignatureId + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleResponse + description: Indicates a successful call. + summary: Retrieve a detection rule + tags: + - Security Solution Detections API + - Rules API + patch: + description: >- + Update specific fields of an existing detection rule using the `rule_id` + or `id` field. + operationId: PatchRule + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RulePatchProps + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleResponse + description: Indicates a successful call. + summary: Patch a detection rule + tags: + - Security Solution Detections API + - Rules API + post: + description: Create a new detection rule. + operationId: CreateRule + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleCreateProps + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleResponse + description: Indicates a successful call. + summary: Create a detection rule + tags: + - Security Solution Detections API + - Rules API + put: + description: > + Update a detection rule using the `rule_id` or `id` field. The original + rule is replaced, and all unspecified fields are deleted. + + > info + + > You cannot modify the `id` or `rule_id` values. + operationId: UpdateRule + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleUpdateProps + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleResponse + description: Indicates a successful call. + summary: Update a detection rule + tags: + - Security Solution Detections API + - Rules API + /api/detection_engine/rules/_bulk_action: + post: + description: >- + Apply a bulk action, such as bulk edit, duplicate, or delete, to + multiple detection rules. The bulk action is applied to all rules that + match the query or to the rules listed by their IDs. + operationId: PerformRulesBulkAction + parameters: + - description: Enables dry run mode for the request call. + in: query + name: dry_run + required: false + schema: + type: boolean + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + oneOf: + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_BulkDeleteRules + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_BulkDisableRules + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_BulkEnableRules + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_BulkExportRules + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_BulkDuplicateRules + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_BulkManualRuleRun + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_BulkEditRules + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + oneOf: + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_BulkEditActionResponse + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_BulkExportActionResponse + description: OK + summary: Apply a bulk action to detection rules + tags: + - Security Solution Detections API + - Bulk API + /api/detection_engine/rules/_export: + post: + description: > + Export detection rules to an `.ndjson` file. The following configuration + items are also included in the `.ndjson` file: + + - Actions + + - Exception lists + + > info + + > You cannot export prebuilt rules. + operationId: ExportRules + parameters: + - description: Determines whether a summary of the exported rules is returned. + in: query + name: exclude_export_details + required: false + schema: + default: false + type: boolean + - description: File name for saving the exported rules. + in: query + name: file_name + required: false + schema: + default: export.ndjson + type: string + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + nullable: true + type: object + properties: + objects: + description: >- + Array of `rule_id` fields. Exports all rules when + unspecified. + items: + type: object + properties: + rule_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleSignatureId + required: + - rule_id + type: array + required: + - objects + required: false + responses: + '200': + content: + application/ndjson; Elastic-Api-Version=2023-10-31: + schema: + description: An `.ndjson` file containing the returned rules. + format: binary + type: string + description: Indicates a successful call. + summary: Export detection rules + tags: + - Security Solution Detections API + - Import/Export API + /api/detection_engine/rules/_find: + get: + description: >- + Retrieve a paginated list of detection rules. By default, the first page + is returned, with 20 results per page. + operationId: FindRules + parameters: + - in: query + name: fields + required: false + schema: + items: + type: string + type: array + - description: Search query + in: query + name: filter + required: false + schema: + type: string + - description: Field to sort by + in: query + name: sort_field + required: false + schema: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_FindRulesSortField + - description: Sort order + in: query + name: sort_order + required: false + schema: + $ref: '#/components/schemas/Security_Solution_Detections_API_SortOrder' + - description: Page number + in: query + name: page + required: false + schema: + default: 1 + minimum: 1 + type: integer + - description: Rules per page + in: query + name: per_page + required: false + schema: + default: 20 + minimum: 0 + type: integer + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + data: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleResponse + type: array + page: + type: integer + perPage: + type: integer + total: + type: integer + required: + - page + - perPage + - total + - data + description: Successful response + summary: List all detection rules + tags: + - Security Solution Detections API + - Rules API + /api/detection_engine/rules/_import: + post: + description: > + Import detection rules from an `.ndjson` file, including actions and + exception lists. The request must include: + + - The `Content-Type: multipart/form-data` HTTP header. + + - A link to the `.ndjson` file containing the rules. + operationId: ImportRules + parameters: + - description: >- + Determines whether existing rules with the same `rule_id` are + overwritten. + in: query + name: overwrite + required: false + schema: + default: false + type: boolean + - description: >- + Determines whether existing exception lists with the same `list_id` + are overwritten. + in: query + name: overwrite_exceptions + required: false + schema: + default: false + type: boolean + - description: >- + Determines whether existing actions with the same + `kibana.alert.rule.actions.id` are overwritten. + in: query + name: overwrite_action_connectors + required: false + schema: + default: false + type: boolean + - description: Generates a new list ID for each imported exception list. + in: query + name: as_new_list + required: false + schema: + default: false + type: boolean + requestBody: + content: + multipart/form-data; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + file: + description: The `.ndjson` file containing the rules. + format: binary + type: string + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + type: object + properties: + action_connectors_errors: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_ErrorSchema + type: array + action_connectors_success: + type: boolean + action_connectors_success_count: + minimum: 0 + type: integer + action_connectors_warnings: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_WarningSchema + type: array + errors: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_ErrorSchema + type: array + exceptions_errors: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_ErrorSchema + type: array + exceptions_success: + type: boolean + exceptions_success_count: + minimum: 0 + type: integer + rules_count: + minimum: 0 + type: integer + success: + type: boolean + success_count: + minimum: 0 + type: integer + required: + - exceptions_success + - exceptions_success_count + - exceptions_errors + - rules_count + - success + - success_count + - errors + - action_connectors_errors + - action_connectors_warnings + - action_connectors_success + - action_connectors_success_count + description: Indicates a successful call. + summary: Import detection rules + tags: + - Security Solution Detections API + - Import/Export API + /api/detection_engine/rules/{id}/exceptions: + post: + description: Create exception items that apply to a single detection rule. + operationId: CreateRuleExceptionListItems + parameters: + - description: Detection rule's identifier + in: path + name: id + required: true + schema: + $ref: '#/components/schemas/Security_Solution_Exceptions_API_RuleId' + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + items: + items: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_CreateRuleExceptionListItemProps + type: array + required: + - items + description: Rule exception list items + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + items: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListItem + type: array + description: Successful response + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + oneOf: + - $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_PlatformErrorResponse + - $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_SiemErrorResponse + description: Invalid input data response + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_PlatformErrorResponse + description: Unsuccessful authentication response + '403': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_PlatformErrorResponse + description: Not enough privileges response + '500': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_SiemErrorResponse + description: Internal server error response + summary: Create rule exception list items + tags: + - Security Solution Exceptions API + /api/detection_engine/rules/preview: + post: + operationId: RulePreview + parameters: + - description: >- + Enables logging and returning in response ES queries, performed + during rule execution + in: query + name: enable_logged_requests + required: false + schema: + type: boolean + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + anyOf: + - allOf: + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_EqlRuleCreateProps + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_RulePreviewParams + - allOf: + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_QueryRuleCreateProps + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_RulePreviewParams + - allOf: + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedQueryRuleCreateProps + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_RulePreviewParams + - allOf: + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_ThresholdRuleCreateProps + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_RulePreviewParams + - allOf: + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_ThreatMatchRuleCreateProps + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_RulePreviewParams + - allOf: + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_MachineLearningRuleCreateProps + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_RulePreviewParams + - allOf: + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_NewTermsRuleCreateProps + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_RulePreviewParams + - allOf: + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_EsqlRuleCreateProps + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_RulePreviewParams + discriminator: + propertyName: type + description: >- + An object containing tags to add or remove and alert ids the changes + will be applied + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + isAborted: + type: boolean + logs: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RulePreviewLogs + type: array + previewId: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_NonEmptyString + required: + - logs + description: Successful response + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + oneOf: + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_PlatformErrorResponse + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_SiemErrorResponse + description: Invalid input data response + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_PlatformErrorResponse + description: Unsuccessful authentication response + '500': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SiemErrorResponse + description: Internal server error response + summary: Preview rule alerts generated on specified time range + tags: + - Security Solution Detections API + - Rule preview API + /api/detection_engine/signals/assignees: + post: + description: | + Assign users to detection alerts, and unassign them from alerts. + > info + > You cannot add and remove the same assignee in the same request. + operationId: SetAlertAssignees + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + assignees: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertAssignees + description: Details about the assignees to assign and unassign. + ids: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertIds + description: List of alerts ids to assign and unassign passed assignees. + required: + - assignees + - ids + required: true + responses: + '200': + description: Indicates a successful call. + '400': + description: Invalid request. + summary: Assign and unassign users from detection alerts + tags: + - Security Solution Detections API + /api/detection_engine/signals/search: + post: + description: Find and/or aggregate detection alerts that match the given query. + operationId: SearchAlerts + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + description: Elasticsearch query and aggregation request + type: object + properties: + _source: + oneOf: + - type: boolean + - type: string + - items: + type: string + type: array + aggs: + additionalProperties: true + type: object + fields: + items: + type: string + type: array + query: + additionalProperties: true + type: object + runtime_mappings: + additionalProperties: true + type: object + size: + minimum: 0 + type: integer + sort: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertsSort + track_total_hits: + type: boolean + description: Search and/or aggregation query + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: true + description: Elasticsearch search response + type: object + description: Successful response + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + oneOf: + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_PlatformErrorResponse + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_SiemErrorResponse + description: Invalid input data response + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_PlatformErrorResponse + description: Unsuccessful authentication response + '500': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SiemErrorResponse + description: Internal server error response + summary: Find and/or aggregate detection alerts + tags: + - Security Solution Detections API + - Alerts API + /api/detection_engine/signals/status: + post: + description: Set the status of one or more detection alerts. + operationId: SetAlertsStatus + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + oneOf: + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_SetAlertsStatusByIds + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_SetAlertsStatusByQuery + description: >- + An object containing desired status and explicit alert ids or a query + to select alerts + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: true + description: Elasticsearch update by query response + type: object + description: Successful response + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + oneOf: + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_PlatformErrorResponse + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_SiemErrorResponse + description: Invalid input data response + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_PlatformErrorResponse + description: Unsuccessful authentication response + '500': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SiemErrorResponse + description: Internal server error response + summary: Set a detection alert status + tags: + - Security Solution Detections API + - Alerts API + /api/detection_engine/signals/tags: + post: + description: | + And tags to detection alerts, and remove them from alerts. + > info + > You cannot add and remove the same alert tag in the same request. + operationId: SetAlertTags + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + ids: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertIds + tags: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SetAlertTags + required: + - ids + - tags + description: >- + An object containing tags to add or remove and alert ids the changes + will be applied + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: true + description: Elasticsearch update by query response + type: object + description: Successful response + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + oneOf: + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_PlatformErrorResponse + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_SiemErrorResponse + description: Invalid input data response + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_PlatformErrorResponse + description: Unsuccessful authentication response + '500': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SiemErrorResponse + description: Internal server error response + summary: Add and remove detection alert tags + tags: + - Security Solution Detections API + - Alerts API + /api/detection_engine/tags: + get: + description: List all unique tags from all detection rules. + operationId: ReadTags + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleTagArray + description: Indicates a successful call + summary: List all detection rule tags + tags: + - Security Solution Detections API + - Tags API + /api/endpoint_list: + post: + description: >- + Create an endpoint exception list, which groups endpoint exception list + items. If an endpoint exception list already exists, an empty response + is returned. + operationId: CreateEndpointList + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_EndpointList + description: Successful response + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + oneOf: + - $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_PlatformErrorResponse + - $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_SiemErrorResponse + description: Invalid input data + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_PlatformErrorResponse + description: Unsuccessful authentication + '403': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_PlatformErrorResponse + description: Insufficient privileges + '500': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_SiemErrorResponse + description: Internal server error + summary: Create an endpoint exception list + tags: + - Security Solution Endpoint Exceptions API + /api/endpoint_list/items: + delete: + description: >- + Delete an endpoint exception list item using the `id` or `item_id` + field. + operationId: DeleteEndpointListItem + parameters: + - description: Either `id` or `item_id` must be specified + in: query + name: id + required: false + schema: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_ExceptionListItemId + - description: Either `id` or `item_id` must be specified + in: query + name: item_id + required: false + schema: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_ExceptionListItemHumanId + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_EndpointListItem + description: Successful response + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + oneOf: + - $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_PlatformErrorResponse + - $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_SiemErrorResponse + description: Invalid input data + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_PlatformErrorResponse + description: Unsuccessful authentication + '403': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_PlatformErrorResponse + description: Insufficient privileges + '404': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_SiemErrorResponse + description: Endpoint list item not found + '500': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_SiemErrorResponse + description: Internal server error + summary: Delete an endpoint exception list item + tags: + - Security Solution Endpoint Exceptions API + get: + description: >- + Get the details of an endpoint exception list item using the `id` or + `item_id` field. + operationId: ReadEndpointListItem + parameters: + - description: Either `id` or `item_id` must be specified + in: query + name: id + required: false + schema: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_ExceptionListItemId + - description: Either `id` or `item_id` must be specified + in: query + name: item_id + required: false + schema: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_ExceptionListItemHumanId + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + items: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_EndpointListItem + type: array + description: Successful response + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + oneOf: + - $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_PlatformErrorResponse + - $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_SiemErrorResponse + description: Invalid input data + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_PlatformErrorResponse + description: Unsuccessful authentication + '403': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_PlatformErrorResponse + description: Insufficient privileges + '404': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_SiemErrorResponse + description: Endpoint list item not found + '500': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_SiemErrorResponse + description: Internal server error + summary: Get an endpoint exception list item + tags: + - Security Solution Endpoint Exceptions API + post: + description: >- + Create an endpoint exception list item, and associate it with the + endpoint exception list. + operationId: CreateEndpointListItem + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + comments: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_ExceptionListItemCommentArray + default: [] + description: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_ExceptionListItemDescription + entries: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_ExceptionListItemEntryArray + item_id: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_ExceptionListItemHumanId + meta: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_ExceptionListItemMeta + name: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_ExceptionListItemName + os_types: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_ExceptionListItemOsTypeArray + default: [] + tags: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_ExceptionListItemTags + default: [] + type: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_ExceptionListItemType + required: + - type + - name + - description + - entries + description: Exception list item's properties + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_EndpointListItem + description: Successful response + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + oneOf: + - $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_PlatformErrorResponse + - $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_SiemErrorResponse + description: Invalid input data + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_PlatformErrorResponse + description: Unsuccessful authentication + '403': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_PlatformErrorResponse + description: Insufficient privileges + '409': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_SiemErrorResponse + description: Endpoint list item already exists + '500': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_SiemErrorResponse + description: Internal server error + summary: Create an endpoint exception list item + tags: + - Security Solution Endpoint Exceptions API + put: + description: >- + Update an endpoint exception list item using the `id` or `item_id` + field. + operationId: UpdateEndpointListItem + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + _version: + type: string + comments: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_ExceptionListItemCommentArray + default: [] + description: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_ExceptionListItemDescription + entries: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_ExceptionListItemEntryArray + id: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_ExceptionListItemId + description: Either `id` or `item_id` must be specified + item_id: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_ExceptionListItemHumanId + description: Either `id` or `item_id` must be specified + meta: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_ExceptionListItemMeta + name: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_ExceptionListItemName + os_types: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_ExceptionListItemOsTypeArray + default: [] + tags: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_ExceptionListItemTags + type: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_ExceptionListItemType + required: + - type + - name + - description + - entries + description: Exception list item's properties + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_EndpointListItem + description: Successful response + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + oneOf: + - $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_PlatformErrorResponse + - $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_SiemErrorResponse + description: Invalid input data + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_PlatformErrorResponse + description: Unsuccessful authentication + '403': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_PlatformErrorResponse + description: Insufficient privileges + '404': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_SiemErrorResponse + description: Endpoint list item not found + '500': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_SiemErrorResponse + description: Internal server error + summary: Update an endpoint exception list item + tags: + - Security Solution Endpoint Exceptions API + /api/endpoint_list/items/_find: + get: + description: Get a list of all endpoint exception list items. + operationId: FindEndpointListItems + parameters: + - description: > + Filters the returned results according to the value of the specified + field, + + using the `:` syntax. + in: query + name: filter + required: false + schema: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_FindEndpointListItemsFilter + - description: The page number to return + in: query + name: page + required: false + schema: + minimum: 0 + type: integer + - description: The number of exception list items to return per page + in: query + name: per_page + required: false + schema: + minimum: 0 + type: integer + - description: Determines which field is used to sort the results + in: query + name: sort_field + required: false + schema: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_NonEmptyString + - description: Determines the sort order, which can be `desc` or `asc` + in: query + name: sort_order + required: false + schema: + enum: + - desc + - asc + type: string + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + data: + items: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_EndpointListItem + type: array + page: + minimum: 0 + type: integer + per_page: + minimum: 0 + type: integer + pit: + type: string + total: + minimum: 0 + type: integer + required: + - data + - page + - per_page + - total + description: Successful response + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + oneOf: + - $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_PlatformErrorResponse + - $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_SiemErrorResponse + description: Invalid input data + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_PlatformErrorResponse + description: Unsuccessful authentication + '403': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_PlatformErrorResponse + description: Insufficient privileges + '404': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_SiemErrorResponse + description: Endpoint list not found + '500': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_SiemErrorResponse + description: Internal server error + summary: Get endpoint exception list items + tags: + - Security Solution Endpoint Exceptions API + /api/endpoint/action: + get: + description: Get a list of all response actions. + operationId: EndpointGetActionsList + parameters: + - in: query + name: query + required: true + schema: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_GetEndpointActionListRouteQuery + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_SuccessResponse + description: OK + summary: Get response actions + tags: + - Security Solution Endpoint Management API + /api/endpoint/action_log/{agent_id}: + get: + deprecated: true + description: Get an action request log for the specified agent ID. + operationId: EndpointGetActionLog + parameters: + - in: path + name: agent_id + required: true + schema: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_AgentId + - in: query + name: query + required: true + schema: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_ActionLogRequestQuery + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_SuccessResponse + description: OK + summary: Get an action request log + tags: + - Security Solution Endpoint Management API + /api/endpoint/action_status: + get: + description: Get the status of response actions for the specified agent IDs. + operationId: EndpointGetActionsStatus + parameters: + - in: query + name: query + required: true + schema: + type: object + properties: + agent_ids: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_AgentIds + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_ActionStatusSuccessResponse + description: OK + summary: Get response actions status + tags: + - Security Solution Endpoint Management API + /api/endpoint/action/{action_id}: + get: + description: Get the details of a response action using the action ID. + operationId: EndpointGetActionsDetails + parameters: + - in: path + name: action_id + required: true + schema: + type: string + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_SuccessResponse + description: OK + summary: Get action details + tags: + - Security Solution Endpoint Management API + /api/endpoint/action/{action_id}/file/{file_id}: + get: + description: Get information for the specified file using the file ID. + operationId: EndpointFileInfo + parameters: + - in: path + name: action_id + required: true + schema: + type: string + - in: path + name: file_id + required: true + schema: + type: string + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_SuccessResponse + description: OK + summary: Get file information + tags: + - Security Solution Endpoint Management API + /api/endpoint/action/{action_id}/file/{file_id}/download: + get: + description: Download a file from an endpoint. + operationId: EndpointFileDownload + parameters: + - in: path + name: action_id + required: true + schema: + type: string + - in: path + name: file_id + required: true + schema: + type: string + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_SuccessResponse + description: OK + summary: Download a file + tags: + - Security Solution Endpoint Management API + /api/endpoint/action/execute: + post: + description: Run a shell command on an endpoint. + operationId: EndpointExecuteAction + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_ExecuteRouteRequestBody + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_SuccessResponse + description: OK + summary: Run a command + tags: + - Security Solution Endpoint Management API + /api/endpoint/action/get_file: + post: + description: Get a file from an endpoint. + operationId: EndpointGetFileAction + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_GetFileRouteRequestBody + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_SuccessResponse + description: OK + summary: Get a file + tags: + - Security Solution Endpoint Management API + /api/endpoint/action/isolate: + post: + description: >- + Isolate an endpoint from the network. The endpoint remains isolated + until it's released. + operationId: EndpointIsolateAction + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_IsolateRouteRequestBody + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_SuccessResponse + description: OK + summary: Isolate an endpoint + tags: + - Security Solution Endpoint Management API + /api/endpoint/action/kill_process: + post: + description: Terminate a running process on an endpoint. + operationId: EndpointKillProcessAction + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_KillProcessRouteRequestBody + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_SuccessResponse + description: OK + summary: Terminate a process + tags: + - Security Solution Endpoint Management API + /api/endpoint/action/running_procs: + post: + description: Get a list of all processes running on an endpoint. + operationId: EndpointGetProcessesAction + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_GetProcessesRouteRequestBody + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_SuccessResponse + description: OK + summary: Get running processes + tags: + - Security Solution Endpoint Management API + /api/endpoint/action/scan: + post: + description: Scan a specific file or directory on an endpoint for malware. + operationId: EndpointScanAction + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_ScanRouteRequestBody + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_SuccessResponse + description: OK + summary: Scan a file or directory + tags: + - Security Solution Endpoint Management API + /api/endpoint/action/state: + get: + description: >- + Get a response actions state, which reports whether encryption is + enabled. + operationId: EndpointGetActionsState + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_ActionStateSuccessResponse + description: OK + summary: Get actions state + tags: + - Security Solution Endpoint Management API + /api/endpoint/action/suspend_process: + post: + description: Suspend a running process on an endpoint. + operationId: EndpointSuspendProcessAction + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_SuspendProcessRouteRequestBody + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_SuccessResponse + description: OK + summary: Suspend a process + tags: + - Security Solution Endpoint Management API + /api/endpoint/action/unisolate: + post: + description: Release an isolated endpoint, allowing it to rejoin a network. + operationId: EndpointUnisolateAction + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_UnisolateRouteRequestBody + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_SuccessResponse + description: OK + summary: Release an isolated endpoint + tags: + - Security Solution Endpoint Management API + /api/endpoint/action/upload: + post: + description: Upload a file to an endpoint. + operationId: EndpointUploadAction + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_UploadRouteRequestBody + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_SuccessResponse + description: OK + summary: Upload a file + tags: + - Security Solution Endpoint Management API + /api/endpoint/metadata: + get: + operationId: GetEndpointMetadataList + parameters: + - in: query + name: query + required: true + schema: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_ListRequestQuery + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_SuccessResponse + description: OK + summary: Get a metadata list + tags: + - Security Solution Endpoint Management API + /api/endpoint/metadata/{id}: + get: + operationId: GetEndpointMetadata + parameters: + - in: path + name: id + required: true + schema: + type: string + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_SuccessResponse + description: OK + summary: Get metadata + tags: + - Security Solution Endpoint Management API + /api/endpoint/metadata/transforms: + get: + operationId: GetEndpointMetadataTransform + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_SuccessResponse + description: OK + summary: Get metadata transforms + tags: + - Security Solution Endpoint Management API + /api/endpoint/policy_response: + get: + operationId: GetPolicyResponse + parameters: + - in: query + name: query + required: true + schema: + type: object + properties: + agentId: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_AgentId + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_SuccessResponse + description: OK + summary: Get a policy response + tags: + - Security Solution Endpoint Management API + /api/endpoint/policy/summaries: + get: + deprecated: true + operationId: GetAgentPolicySummary + parameters: + - in: query + name: query + required: true + schema: + type: object + properties: + package_name: + type: string + policy_id: + nullable: true + type: string + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_SuccessResponse + description: OK + summary: Get an agent policy summary + tags: + - Security Solution Endpoint Management API + /api/endpoint/protection_updates_note/{package_policy_id}: + get: + operationId: GetProtectionUpdatesNote + parameters: + - in: path + name: package_policy_id + required: true + schema: + type: string + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_ProtectionUpdatesNoteResponse + description: OK + summary: Get a protection updates note + tags: + - Security Solution Endpoint Management API + post: + operationId: CreateUpdateProtectionUpdatesNote + parameters: + - in: path + name: package_policy_id + required: true + schema: + type: string + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + note: + type: string + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_ProtectionUpdatesNoteResponse + description: OK + summary: Create or update a protection updates note + tags: + - Security Solution Endpoint Management API + /api/endpoint/suggestions/{suggestion_type}: + post: + operationId: GetEndpointSuggestions + parameters: + - in: path + name: suggestion_type + required: true + schema: + enum: + - eventFilters + type: string + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + field: + type: string + fieldMeta: {} + filters: {} + query: + type: string + required: + - parameters + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_SuccessResponse + description: OK + summary: Get suggestions + tags: + - Security Solution Endpoint Management API + /api/entity_store/engines: + get: + operationId: ListEntityStoreEngines + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + count: + type: integer + engines: + items: + $ref: >- + #/components/schemas/Security_Solution_Entity_Analytics_API_EngineDescriptor + type: array + description: Successful response + summary: List the Entity Store engines + tags: + - Security Solution Entity Analytics API + /api/entity_store/engines/{entityType}: + delete: + operationId: DeleteEntityStore + parameters: + - description: The entity type of the store (either 'user' or 'host'). + in: path + name: entityType + required: true + schema: + $ref: >- + #/components/schemas/Security_Solution_Entity_Analytics_API_EntityType + - description: Control flag to also delete the entity data. + in: query + name: data + required: false + schema: + type: boolean + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + deleted: + type: boolean + description: Successful response + summary: Delete the Entity Store engine + tags: + - Security Solution Entity Analytics API + get: + operationId: GetEntityStoreEngine + parameters: + - description: The entity type of the store (either 'user' or 'host'). + in: path + name: entityType + required: true + schema: + $ref: >- + #/components/schemas/Security_Solution_Entity_Analytics_API_EntityType + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Entity_Analytics_API_EngineDescriptor + description: Successful response + summary: Get the Entity Store engine + tags: + - Security Solution Entity Analytics API + /api/entity_store/engines/{entityType}/init: + post: + operationId: InitEntityStore + parameters: + - description: The entity type of the store (either 'user' or 'host'). + in: path + name: entityType + required: true + schema: + $ref: >- + #/components/schemas/Security_Solution_Entity_Analytics_API_EntityType + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + filter: + type: string + indexPattern: + $ref: >- + #/components/schemas/Security_Solution_Entity_Analytics_API_IndexPattern + description: Schema for the engine initialization + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Entity_Analytics_API_EngineDescriptor + description: Successful response + summary: Initialize the Entity Store + tags: + - Security Solution Entity Analytics API + /api/entity_store/engines/{entityType}/start: + post: + operationId: StartEntityStore + parameters: + - description: The entity type of the store (either 'user' or 'host'). + in: path + name: entityType + required: true + schema: + $ref: >- + #/components/schemas/Security_Solution_Entity_Analytics_API_EntityType + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + started: + type: boolean + description: Successful response + summary: Start the Entity Store engine + tags: + - Security Solution Entity Analytics API + /api/entity_store/engines/{entityType}/stats: + post: + operationId: GetEntityStoreStats + parameters: + - description: The entity type of the store (either 'user' or 'host'). + in: path + name: entityType + required: true + schema: + $ref: >- + #/components/schemas/Security_Solution_Entity_Analytics_API_EntityType + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + indexPattern: + $ref: >- + #/components/schemas/Security_Solution_Entity_Analytics_API_IndexPattern + indices: + items: + type: object + type: array + status: + $ref: >- + #/components/schemas/Security_Solution_Entity_Analytics_API_EngineStatus + transforms: + items: + type: object + type: array + type: + $ref: >- + #/components/schemas/Security_Solution_Entity_Analytics_API_EntityType + description: Successful response + summary: Get the Entity Store engine stats + tags: + - Security Solution Entity Analytics API + /api/entity_store/engines/{entityType}/stop: + post: + operationId: StopEntityStore + parameters: + - description: The entity type of the store (either 'user' or 'host'). + in: path + name: entityType + required: true + schema: + $ref: >- + #/components/schemas/Security_Solution_Entity_Analytics_API_EntityType + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + stopped: + type: boolean + description: Successful response + summary: Stop the Entity Store engine + tags: + - Security Solution Entity Analytics API + /api/entity_store/entities/list: + get: + description: List entities records, paging, sorting and filtering as needed. + operationId: ListEntities + parameters: + - in: query + name: sort_field + required: false + schema: + type: string + - in: query + name: sort_order + required: false + schema: + enum: + - asc + - desc + type: string + - in: query + name: page + required: false + schema: + minimum: 1 + type: integer + - in: query + name: per_page + required: false + schema: + maximum: 10000 + minimum: 1 + type: integer + - description: An ES query to filter by. + in: query + name: filterQuery + required: false + schema: + type: string + - in: query + name: entities_types + required: true + schema: + items: + $ref: >- + #/components/schemas/Security_Solution_Entity_Analytics_API_EntityType + type: array + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + inspect: + $ref: >- + #/components/schemas/Security_Solution_Entity_Analytics_API_InspectQuery + page: + minimum: 1 + type: integer + per_page: + maximum: 1000 + minimum: 1 + type: integer + records: + items: + $ref: >- + #/components/schemas/Security_Solution_Entity_Analytics_API_Entity + type: array + total: + minimum: 0 + type: integer + required: + - records + - page + - per_page + - total + description: Entities returned successfully + summary: List Entity Store Entities + tags: + - Security Solution Entity Analytics API + /api/exception_lists: + delete: + description: Delete an exception list using the `id` or `list_id` field. + operationId: DeleteExceptionList + parameters: + - description: Either `id` or `list_id` must be specified + in: query + name: id + required: false + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListId + - description: Either `id` or `list_id` must be specified + in: query + name: list_id + required: false + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListHumanId + - in: query + name: namespace_type + required: false + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionNamespaceType + default: single + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionList + description: Successful response + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + oneOf: + - $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_PlatformErrorResponse + - $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_SiemErrorResponse + description: Invalid input data response + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_PlatformErrorResponse + description: Unsuccessful authentication response + '403': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_PlatformErrorResponse + description: Not enough privileges response + '404': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_SiemErrorResponse + description: Exception list not found response + '500': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_SiemErrorResponse + description: Internal server error response + summary: Delete an exception list + tags: + - Security Solution Exceptions API + get: + description: Get the details of an exception list using the `id` or `list_id` field. + operationId: ReadExceptionList + parameters: + - description: Either `id` or `list_id` must be specified + in: query + name: id + required: false + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListId + - description: Either `id` or `list_id` must be specified + in: query + name: list_id + required: false + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListHumanId + - in: query + name: namespace_type + required: false + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionNamespaceType + default: single + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionList + description: Successful response + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + oneOf: + - $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_PlatformErrorResponse + - $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_SiemErrorResponse + description: Invalid input data response + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_PlatformErrorResponse + description: Unsuccessful authentication response + '403': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_PlatformErrorResponse + description: Not enough privileges response + '404': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_SiemErrorResponse + description: Exception list item not found response + '500': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_SiemErrorResponse + description: Internal server error response + summary: Get exception list details + tags: + - Security Solution Exceptions API + post: + description: > + An exception list groups exception items and can be associated with + detection rules. You can assign detection rules with multiple exception + lists. + + > info + + > All exception items added to the same list are evaluated using `OR` + logic. That is, if any of the items in a list evaluate to `true`, the + exception prevents the rule from generating an alert. Likewise, `OR` + logic is used for evaluating exceptions when more than one exception + list is assigned to a rule. To use the `AND` operator, you can define + multiple clauses (`entries`) in a single exception item. + operationId: CreateExceptionList + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + description: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListDescription + list_id: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListHumanId + meta: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListMeta + name: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListName + namespace_type: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionNamespaceType + default: single + os_types: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListOsTypeArray + tags: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListTags + default: [] + type: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListType + version: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListVersion + default: 1 + required: + - name + - description + - type + description: Exception list's properties + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionList + description: Successful response + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + oneOf: + - $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_PlatformErrorResponse + - $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_SiemErrorResponse + description: Invalid input data response + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_PlatformErrorResponse + description: Unsuccessful authentication response + '403': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_PlatformErrorResponse + description: Not enough privileges response + '409': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_SiemErrorResponse + description: Exception list already exists response + '500': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_SiemErrorResponse + description: Internal server error response + summary: Create an exception list + tags: + - Security Solution Exceptions API + put: + description: Update an exception list using the `id` or `list_id` field. + operationId: UpdateExceptionList + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + _version: + type: string + description: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListDescription + id: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListId + list_id: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListHumanId + meta: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListMeta + name: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListName + namespace_type: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionNamespaceType + default: single + os_types: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListOsTypeArray + default: [] + tags: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListTags + type: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListType + version: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListVersion + required: + - name + - description + - type + description: Exception list's properties + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionList + description: Successful response + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + oneOf: + - $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_PlatformErrorResponse + - $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_SiemErrorResponse + description: Invalid input data response + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_PlatformErrorResponse + description: Unsuccessful authentication response + '403': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_PlatformErrorResponse + description: Not enough privileges response + '404': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_SiemErrorResponse + description: Exception list not found response + '500': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_SiemErrorResponse + description: Internal server error response + summary: Update an exception list + tags: + - Security Solution Exceptions API + /api/exception_lists/_duplicate: + post: + description: Duplicate an existing exception list. + operationId: DuplicateExceptionList + parameters: + - description: Exception list's human identifier + in: query + name: list_id + required: true + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListHumanId + - in: query + name: namespace_type + required: true + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionNamespaceType + - description: >- + Determines whether to include expired exceptions in the exported + list + in: query + name: include_expired_exceptions + required: true + schema: + default: 'true' + enum: + - 'true' + - 'false' + type: string + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionList + description: Successful response + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + oneOf: + - $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_PlatformErrorResponse + - $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_SiemErrorResponse + description: Invalid input data response + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_PlatformErrorResponse + description: Unsuccessful authentication response + '403': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_PlatformErrorResponse + description: Not enough privileges response + '405': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_SiemErrorResponse + description: Exception list to duplicate not found response + '500': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_SiemErrorResponse + description: Internal server error response + summary: Duplicate an exception list + tags: + - Security Solution Exceptions API + /api/exception_lists/_export: + post: + description: Export an exception list and its associated items to an NDJSON file. + operationId: ExportExceptionList + parameters: + - description: Exception list's identifier + in: query + name: id + required: true + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListId + - description: Exception list's human identifier + in: query + name: list_id + required: true + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListHumanId + - in: query + name: namespace_type + required: true + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionNamespaceType + - description: >- + Determines whether to include expired exceptions in the exported + list + in: query + name: include_expired_exceptions + required: true + schema: + default: 'true' + enum: + - 'true' + - 'false' + type: string + responses: + '200': + content: + application/ndjson; Elastic-Api-Version=2023-10-31: + schema: + description: >- + A `.ndjson` file containing specified exception list and its + items + format: binary + type: string + description: Successful response + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + oneOf: + - $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_PlatformErrorResponse + - $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_SiemErrorResponse + description: Invalid input data response + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_PlatformErrorResponse + description: Unsuccessful authentication response + '403': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_PlatformErrorResponse + description: Not enough privileges response + '404': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_SiemErrorResponse + description: Exception list not found response + '500': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_SiemErrorResponse + description: Internal server error response + summary: Export an exception list + tags: + - Security Solution Exceptions API + /api/exception_lists/_find: + get: + description: Get a list of all exception lists. + operationId: FindExceptionLists + parameters: + - description: > + Filters the returned results according to the value of the specified + field. + + + Uses the `so type.field name:field` value syntax, where `so type` + can be: + + + - `exception-list`: Specify a space-aware exception list. + + - `exception-list-agnostic`: Specify an exception list that is + shared across spaces. + in: query + name: filter + required: false + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_FindExceptionListsFilter + - description: > + Determines whether the returned containers are Kibana associated + with a Kibana space + + or available in all spaces (`agnostic` or `single`) + in: query + name: namespace_type + required: false + schema: + default: + - single + items: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionNamespaceType + type: array + - description: The page number to return + in: query + name: page + required: false + schema: + minimum: 1 + type: integer + - description: The number of exception lists to return per page + in: query + name: per_page + required: false + schema: + minimum: 1 + type: integer + - description: Determines which field is used to sort the results + in: query + name: sort_field + required: false + schema: + type: string + - description: Determines the sort order, which can be `desc` or `asc` + in: query + name: sort_order + required: false + schema: + enum: + - desc + - asc + type: string + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + data: + items: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionList + type: array + page: + minimum: 1 + type: integer + per_page: + minimum: 1 + type: integer + total: + minimum: 0 + type: integer + required: + - data + - page + - per_page + - total + description: Successful response + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + oneOf: + - $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_PlatformErrorResponse + - $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_SiemErrorResponse + description: Invalid input data response + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_PlatformErrorResponse + description: Unsuccessful authentication response + '403': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_PlatformErrorResponse + description: Not enough privileges response + '500': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_SiemErrorResponse + description: Internal server error response + summary: Get exception lists + tags: + - Security Solution Exceptions API + /api/exception_lists/_import: + post: + description: Import an exception list and its associated items from an NDJSON file. + operationId: ImportExceptionList + parameters: + - description: > + Determines whether existing exception lists with the same `list_id` + are overwritten. + + If any exception items have the same `item_id`, those are also + overwritten. + in: query + name: overwrite + required: false + schema: + default: false + type: boolean + - in: query + name: overwrite_exceptions + required: false + schema: + default: false + type: boolean + - in: query + name: overwrite_action_connectors + required: false + schema: + default: false + type: boolean + - description: > + Determines whether the list being imported will have a new `list_id` + generated. + + Additional `item_id`'s are generated for each exception item. Both + the exception + + list and its items are overwritten. + in: query + name: as_new_list + required: false + schema: + default: false + type: boolean + requestBody: + content: + multipart/form-data; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + file: + description: A `.ndjson` file containing the exception list + format: binary + type: string + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + errors: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListsImportBulkErrorArray + success: + type: boolean + success_count: + minimum: 0 + type: integer + success_count_exception_list_items: + minimum: 0 + type: integer + success_count_exception_lists: + minimum: 0 + type: integer + success_exception_list_items: + type: boolean + success_exception_lists: + type: boolean + required: + - errors + - success + - success_count + - success_exception_lists + - success_count_exception_lists + - success_exception_list_items + - success_count_exception_list_items + description: Successful response + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + oneOf: + - $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_PlatformErrorResponse + - $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_SiemErrorResponse + description: Invalid input data response + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_PlatformErrorResponse + description: Unsuccessful authentication response + '403': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_PlatformErrorResponse + description: Not enough privileges response + '500': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_SiemErrorResponse + description: Internal server error response + summary: Import an exception list + tags: + - Security Solution Exceptions API + /api/exception_lists/items: + delete: + description: Delete an exception list item using the `id` or `item_id` field. + operationId: DeleteExceptionListItem + parameters: + - description: Either `id` or `item_id` must be specified + in: query + name: id + required: false + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListItemId + - description: Either `id` or `item_id` must be specified + in: query + name: item_id + required: false + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListItemHumanId + - in: query + name: namespace_type + required: false + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionNamespaceType + default: single + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListItem + description: Successful response + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + oneOf: + - $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_PlatformErrorResponse + - $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_SiemErrorResponse + description: Invalid input data response + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_PlatformErrorResponse + description: Unsuccessful authentication response + '403': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_PlatformErrorResponse + description: Not enough privileges response + '404': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_SiemErrorResponse + description: Exception list item not found response + '500': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_SiemErrorResponse + description: Internal server error response + summary: Delete an exception list item + tags: + - Security Solution Exceptions API + get: + description: >- + Get the details of an exception list item using the `id` or `item_id` + field. + operationId: ReadExceptionListItem + parameters: + - description: Either `id` or `item_id` must be specified + in: query + name: id + required: false + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListItemId + - description: Either `id` or `item_id` must be specified + in: query + name: item_id + required: false + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListItemHumanId + - in: query + name: namespace_type + required: false + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionNamespaceType + default: single + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListItem + description: Successful response + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + oneOf: + - $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_PlatformErrorResponse + - $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_SiemErrorResponse + description: Invalid input data response + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_PlatformErrorResponse + description: Unsuccessful authentication response + '403': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_PlatformErrorResponse + description: Not enough privileges response + '404': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_SiemErrorResponse + description: Exception list item not found response + '500': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_SiemErrorResponse + description: Internal server error response + summary: Get an exception list item + tags: + - Security Solution Exceptions API + post: + description: > + Create an exception item and associate it with the specified exception + list. + + > info + + > Before creating exception items, you must create an exception list. + operationId: CreateExceptionListItem + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + comments: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_CreateExceptionListItemCommentArray + default: [] + description: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListItemDescription + entries: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListItemEntryArray + expire_time: + format: date-time + type: string + item_id: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListItemHumanId + list_id: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListHumanId + meta: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListItemMeta + name: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListItemName + namespace_type: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionNamespaceType + default: single + os_types: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListItemOsTypeArray + default: [] + tags: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListItemTags + default: [] + type: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListItemType + required: + - list_id + - type + - name + - description + - entries + description: Exception list item's properties + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListItem + description: Successful response + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + oneOf: + - $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_PlatformErrorResponse + - $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_SiemErrorResponse + description: Invalid input data response + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_PlatformErrorResponse + description: Unsuccessful authentication response + '403': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_PlatformErrorResponse + description: Not enough privileges response + '409': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_SiemErrorResponse + description: Exception list item already exists response + '500': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_SiemErrorResponse + description: Internal server error response + summary: Create an exception list item + tags: + - Security Solution Exceptions API + put: + description: Update an exception list item using the `id` or `item_id` field. + operationId: UpdateExceptionListItem + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + _version: + type: string + comments: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_UpdateExceptionListItemCommentArray + default: [] + description: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListItemDescription + entries: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListItemEntryArray + expire_time: + format: date-time + type: string + id: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListItemId + description: Either `id` or `item_id` must be specified + item_id: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListItemHumanId + description: Either `id` or `item_id` must be specified + list_id: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListHumanId + meta: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListItemMeta + name: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListItemName + namespace_type: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionNamespaceType + default: single + os_types: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListItemOsTypeArray + default: [] + tags: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListItemTags + type: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListItemType + required: + - type + - name + - description + - entries + description: Exception list item's properties + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListItem + description: Successful response + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + oneOf: + - $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_PlatformErrorResponse + - $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_SiemErrorResponse + description: Invalid input data response + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_PlatformErrorResponse + description: Unsuccessful authentication response + '403': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_PlatformErrorResponse + description: Not enough privileges response + '404': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_SiemErrorResponse + description: Exception list item not found response + '500': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_SiemErrorResponse + description: Internal server error response + summary: Update an exception list item + tags: + - Security Solution Exceptions API + /api/exception_lists/items/_find: + get: + description: Get a list of all exception list items in the specified list. + operationId: FindExceptionListItems + parameters: + - description: List's id + in: query + name: list_id + required: true + schema: + items: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListHumanId + type: array + - description: > + Filters the returned results according to the value of the specified + field, + + using the `:` syntax. + in: query + name: filter + required: false + schema: + default: [] + items: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_FindExceptionListItemsFilter + type: array + - description: > + Determines whether the returned containers are Kibana associated + with a Kibana space + + or available in all spaces (`agnostic` or `single`) + in: query + name: namespace_type + required: false + schema: + default: + - single + items: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionNamespaceType + type: array + - in: query + name: search + required: false + schema: + type: string + - description: The page number to return + in: query + name: page + required: false + schema: + minimum: 0 + type: integer + - description: The number of exception list items to return per page + in: query + name: per_page + required: false + schema: + minimum: 0 + type: integer + - description: Determines which field is used to sort the results + in: query + name: sort_field + required: false + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_NonEmptyString + - description: Determines the sort order, which can be `desc` or `asc` + in: query + name: sort_order + required: false + schema: + enum: + - desc + - asc + type: string + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + data: + items: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListItem + type: array + page: + minimum: 1 + type: integer + per_page: + minimum: 1 + type: integer + pit: + type: string + total: + minimum: 0 + type: integer + required: + - data + - page + - per_page + - total + description: Successful response + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + oneOf: + - $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_PlatformErrorResponse + - $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_SiemErrorResponse + description: Invalid input data response + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_PlatformErrorResponse + description: Unsuccessful authentication response + '403': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_PlatformErrorResponse + description: Not enough privileges response + '404': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_SiemErrorResponse + description: Exception list not found response + '500': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_SiemErrorResponse + description: Internal server error response + summary: Get exception list items + tags: + - Security Solution Exceptions API + /api/exception_lists/summary: + get: + description: Get a summary of the specified exception list. + operationId: ReadExceptionListSummary + parameters: + - description: Exception list's identifier generated upon creation + in: query + name: id + required: false + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListId + - description: Exception list's human readable identifier + in: query + name: list_id + required: false + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListHumanId + - in: query + name: namespace_type + required: false + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionNamespaceType + default: single + - description: Search filter clause + in: query + name: filter + required: false + schema: + type: string + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + linux: + minimum: 0 + type: integer + macos: + minimum: 0 + type: integer + total: + minimum: 0 + type: integer + windows: + minimum: 0 + type: integer + description: Successful response + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + oneOf: + - $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_PlatformErrorResponse + - $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_SiemErrorResponse + description: Invalid input data response + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_PlatformErrorResponse + description: Unsuccessful authentication response + '403': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_PlatformErrorResponse + description: Not enough privileges response + '404': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_SiemErrorResponse + description: Exception list not found response + '500': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_SiemErrorResponse + description: Internal server error response + summary: Get an exception list summary + tags: + - Security Solution Exceptions API + /api/exceptions/shared: + post: + description: > + An exception list groups exception items and can be associated with + detection rules. A shared exception list can apply to multiple detection + rules. + + > info + + > All exception items added to the same list are evaluated using `OR` + logic. That is, if any of the items in a list evaluate to `true`, the + exception prevents the rule from generating an alert. Likewise, `OR` + logic is used for evaluating exceptions when more than one exception + list is assigned to a rule. To use the `AND` operator, you can define + multiple clauses (`entries`) in a single exception item. + operationId: CreateSharedExceptionList + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + description: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListDescription + name: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListName + required: + - name + - description + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionList + description: Successful response + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + oneOf: + - $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_PlatformErrorResponse + - $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_SiemErrorResponse + description: Invalid input data response + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_PlatformErrorResponse + description: Unsuccessful authentication response + '403': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_PlatformErrorResponse + description: Not enough privileges response + '409': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_SiemErrorResponse + description: Exception list already exists response + '500': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_SiemErrorResponse + description: Internal server error response + summary: Create a shared exception list + tags: + - Security Solution Exceptions API + /api/fleet/agent_download_sources: + get: + operationId: get-download-sources + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + items: + items: + $ref: '#/components/schemas/Fleet_download_sources' + type: array + page: + type: integer + perPage: + type: integer + total: + type: integer + description: OK + '400': + $ref: '#/components/responses/Fleet_error' + summary: List agent binary download sources + tags: + - Elastic Agent binary download sources + post: + operationId: post-download-sources + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + host: + type: string + id: + type: string + is_default: + type: boolean + name: + type: string + required: + - name + - host + - is_default + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + item: + $ref: '#/components/schemas/Fleet_download_sources' + description: OK + '400': + $ref: '#/components/responses/Fleet_error' + summary: Create agent binary download source + tags: + - Elastic Agent binary download sources + /api/fleet/agent_download_sources/{sourceId}: + delete: + operationId: delete-download-source + parameters: + - $ref: '#/components/parameters/Fleet_kbn_xsrf' + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + id: + type: string + required: + - id + description: OK + '400': + $ref: '#/components/responses/Fleet_error' + summary: Delete agent binary download source by ID + tags: + - Elastic Agent binary download sources + get: + operationId: get-one-download-source + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + item: + $ref: '#/components/schemas/Fleet_download_sources' + required: + - item + description: OK + '400': + $ref: '#/components/responses/Fleet_error' + summary: Get agent binary download source by ID + tags: + - Elastic Agent binary download sources + parameters: + - in: path + name: sourceId + required: true + schema: + type: string + put: + operationId: update-download-source + parameters: + - $ref: '#/components/parameters/Fleet_kbn_xsrf' + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + host: + type: string + is_default: + type: boolean + name: + type: string + required: + - name + - is_default + - host + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + item: + $ref: '#/components/schemas/Fleet_download_sources' + required: + - item + description: OK + '400': + $ref: '#/components/responses/Fleet_error' + summary: Update agent binary download source by ID + tags: + - Elastic Agent binary download sources + /api/fleet/agent_policies: + get: + description: '' + operationId: agent-policy-list + parameters: + - $ref: '#/components/parameters/Fleet_page_size' + - $ref: '#/components/parameters/Fleet_page_index' + - $ref: '#/components/parameters/Fleet_kuery' + - $ref: '#/components/parameters/Fleet_format' + - description: >- + When set to true, retrieve the related package policies for each + agent policy. + in: query + name: full + schema: + type: boolean + - description: >- + When set to true, do not count how many agents are in the agent + policy, this can improve performance if you are searching over a + large number of agent policies. The "agents" property will always be + 0 if set to true. + in: query + name: noAgentCount + schema: + type: boolean + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + items: + items: + $ref: '#/components/schemas/Fleet_agent_policy' + type: array + page: + type: number + perPage: + type: number + total: + type: number + required: + - items + - total + - page + - perPage + description: OK + '400': + $ref: '#/components/responses/Fleet_error' + summary: List agent policies + tags: + - Elastic Agent policies + post: + operationId: create-agent-policy + parameters: + - $ref: '#/components/parameters/Fleet_kbn_xsrf' + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Fleet_agent_policy_create_request' + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + item: + $ref: '#/components/schemas/Fleet_agent_policy' + description: OK + '400': + $ref: '#/components/responses/Fleet_error' + summary: Create agent policy + tags: + - Elastic Agent policies + /api/fleet/agent_policies/_bulk_get: + post: + operationId: bulk-get-agent-policies + parameters: + - $ref: '#/components/parameters/Fleet_format' + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + full: + description: get full policies with package policies populated + type: boolean + ids: + description: list of agent policy ids + items: + type: string + type: array + ignoreMissing: + type: boolean + required: + - ids + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + items: + items: + $ref: '#/components/schemas/Fleet_agent_policy' + type: array + required: + - items + description: OK + '400': + $ref: '#/components/responses/Fleet_error' + summary: Bulk get agent policies + tags: + - Elastic Agent policies + /api/fleet/agent_policies/{agentPolicyId}: + get: + description: Get one agent policy + operationId: agent-policy-info + parameters: [] + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + item: + $ref: '#/components/schemas/Fleet_agent_policy' + required: + - item + description: OK + '400': + $ref: '#/components/responses/Fleet_error' + summary: Get agent policy by ID + tags: + - Elastic Agent policies + parameters: + - in: path + name: agentPolicyId + required: true + schema: + type: string + - $ref: '#/components/parameters/Fleet_format' + put: + operationId: update-agent-policy + parameters: + - $ref: '#/components/parameters/Fleet_kbn_xsrf' + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Fleet_agent_policy_update_request' + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + item: + $ref: '#/components/schemas/Fleet_agent_policy' + required: + - item + description: OK + '400': + $ref: '#/components/responses/Fleet_error' + summary: Update agent policy by ID + tags: + - Elastic Agent policies + /api/fleet/agent_policies/{agentPolicyId}/copy: + parameters: + - in: path + name: agentPolicyId + required: true + schema: + type: string + - $ref: '#/components/parameters/Fleet_format' + post: + operationId: agent-policy-copy + parameters: + - $ref: '#/components/parameters/Fleet_kbn_xsrf' + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + description: + type: string + name: + type: string + required: + - name + description: '' + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + item: + $ref: '#/components/schemas/Fleet_agent_policy' + required: + - item + description: OK + '400': + $ref: '#/components/responses/Fleet_error' + summary: Copy agent policy by ID + tags: + - Elastic Agent policies + /api/fleet/agent_policies/{agentPolicyId}/download: + get: + operationId: agent-policy-download + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + item: + type: string + description: OK + '400': + $ref: '#/components/responses/Fleet_error' + summary: Download agent policy by ID + tags: + - Elastic Agent policies + parameters: + - in: path + name: agentPolicyId + required: true + schema: + type: string + - in: query + name: download + required: false + schema: + type: string + - in: query + name: standalone + required: false + schema: + type: string + - in: query + name: kubernetes + required: false + schema: + type: string + /api/fleet/agent_policies/{agentPolicyId}/full: + get: + operationId: agent-policy-full + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + item: + oneOf: + - type: string + - $ref: '#/components/schemas/Fleet_agent_policy_full' + description: OK + '400': + $ref: '#/components/responses/Fleet_error' + summary: Get full agent policy by ID + tags: + - Elastic Agent policies + parameters: + - in: path + name: agentPolicyId + required: true + schema: + type: string + - in: query + name: download + required: false + schema: + type: string + - in: query + name: standalone + required: false + schema: + type: string + - in: query + name: kubernetes + required: false + schema: + type: string + /api/fleet/agent_policies/delete: + parameters: [] + post: + operationId: delete-agent-policy + parameters: + - $ref: '#/components/parameters/Fleet_kbn_xsrf' + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + agentPolicyId: + type: string + force: + description: >- + bypass validation checks that can prevent agent policy + deletion + type: boolean + required: + - agentPolicyId + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + id: + type: string + success: + type: boolean + required: + - id + - success + description: OK + '400': + $ref: '#/components/responses/Fleet_error' + summary: Delete agent policy by ID + tags: + - Elastic Agent policies + /api/fleet/agent_status: + get: + operationId: get-agent-status + parameters: + - in: query + name: policyId + required: false + schema: + type: string + - deprecated: true + in: query + name: kuery + required: false + schema: + type: string + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + active: + type: integer + all: + type: integer + error: + type: integer + events: + type: integer + inactive: + type: integer + offline: + type: integer + online: + type: integer + other: + type: integer + total: + deprecated: true + type: integer + unenrolled: + type: integer + updating: + type: integer + required: + - active + - all + - error + - events + - inactive + - offline + - online + - other + - total + - updating + description: OK + '400': + $ref: '#/components/responses/Fleet_error' + summary: Get agent status summary + tags: + - Elastic Agent status + /api/fleet/agent_status/data: + get: + operationId: get-agent-data + parameters: + - in: query + name: agentsIds + required: true + schema: + items: + type: string + type: array + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + items: + items: + additionalProperties: + type: object + properties: + data: + type: boolean + type: object + type: array + description: OK + '400': + $ref: '#/components/responses/Fleet_error' + summary: Get incoming agent data + tags: + - Elastic Agent status + /api/fleet/agent-status: + get: + deprecated: true + operationId: get-agent-status-deprecated + parameters: + - in: query + name: policyId + required: false + schema: + type: string + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + error: + type: integer + events: + type: integer + inactive: + type: integer + offline: + type: integer + online: + type: integer + other: + type: integer + total: + type: integer + updating: + type: integer + required: + - error + - events + - inactive + - offline + - online + - other + - total + - updating + description: OK + '400': + $ref: '#/components/responses/Fleet_error' + summary: Get agent status summary + tags: + - Elastic Agent status + /api/fleet/agents: + get: + operationId: get-agents + parameters: + - $ref: '#/components/parameters/Fleet_page_size' + - $ref: '#/components/parameters/Fleet_page_index' + - $ref: '#/components/parameters/Fleet_kuery' + - $ref: '#/components/parameters/Fleet_show_inactive' + - $ref: '#/components/parameters/Fleet_show_upgradeable' + - $ref: '#/components/parameters/Fleet_sort_field' + - $ref: '#/components/parameters/Fleet_sort_order' + - $ref: '#/components/parameters/Fleet_with_metrics' + - in: query + name: getStatusSummary + required: false + schema: + type: boolean + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Fleet_get_agents_response' + description: OK + '400': + $ref: '#/components/responses/Fleet_error' + summary: List agents + tags: + - Elastic Agents + post: + operationId: get-agents-by-actions + parameters: + - $ref: '#/components/parameters/Fleet_kbn_xsrf' + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + actionIds: + items: + type: string + type: array + required: + - policy_id + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Fleet_agent_get_by_actions' + description: OK + '400': + $ref: '#/components/responses/Fleet_error' + summary: List agents by action ids + tags: + - Elastic Agents + /api/fleet/agents/{agentId}: + delete: + operationId: delete-agent + parameters: + - $ref: '#/components/parameters/Fleet_kbn_xsrf' + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + action: + enum: + - deleted + type: string + required: + - action + description: OK + '400': + $ref: '#/components/responses/Fleet_error' + summary: Delete agent by ID + tags: + - Elastic Agents + get: + operationId: get-agent + parameters: + - $ref: '#/components/parameters/Fleet_with_metrics' + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + item: + $ref: '#/components/schemas/Fleet_agent' + required: + - item + description: OK + '400': + $ref: '#/components/responses/Fleet_error' + summary: Get agent by ID + tags: + - Elastic Agents + parameters: + - in: path + name: agentId + required: true + schema: + type: string + put: + operationId: update-agent + parameters: + - $ref: '#/components/parameters/Fleet_kbn_xsrf' + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + tags: + items: + type: string + type: array + user_provided_metadata: + type: object + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + item: + $ref: '#/components/schemas/Fleet_agent' + required: + - item + description: OK + '400': + $ref: '#/components/responses/Fleet_error' + summary: Update agent by ID + tags: + - Elastic Agents + /api/fleet/agents/{agentId}/actions: + parameters: + - in: path + name: agentId + required: true + schema: + type: string + post: + operationId: new-agent-action + parameters: + - $ref: '#/components/parameters/Fleet_kbn_xsrf' + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + action: + $ref: '#/components/schemas/Fleet_agent_action' + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + body: + items: + type: number + type: array + headers: + type: string + statusCode: + type: number + description: OK + '400': + $ref: '#/components/responses/Fleet_error' + summary: Create agent action + tags: + - Elastic Agent actions + /api/fleet/agents/{agentId}/reassign: + parameters: + - in: path + name: agentId + required: true + schema: + type: string + post: + operationId: reassign-agent + parameters: + - $ref: '#/components/parameters/Fleet_kbn_xsrf' + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + policy_id: + type: string + required: + - policy_id + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + description: OK + '400': + $ref: '#/components/responses/Fleet_error' + summary: Reassign agent + tags: + - Elastic Agents + put: + deprecated: true + operationId: reassign-agent-deprecated + parameters: + - $ref: '#/components/parameters/Fleet_kbn_xsrf' + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + policy_id: + type: string + required: + - policy_id + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + description: OK + '400': + $ref: '#/components/responses/Fleet_error' + summary: Reassign agent + tags: + - Elastic Agents + /api/fleet/agents/{agentId}/request_diagnostics: + parameters: + - in: path + name: agentId + required: true + schema: + type: string + post: + operationId: request-diagnostics-agent + parameters: + - $ref: '#/components/parameters/Fleet_kbn_xsrf' + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + additional_metrics: + items: + oneOf: + - enum: + - CPU + type: string + type: array + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + actionId: + type: string + description: OK + '400': + $ref: '#/components/responses/Fleet_error' + summary: Request agent diagnostics + tags: + - Elastic Agents + /api/fleet/agents/{agentId}/unenroll: + parameters: + - in: path + name: agentId + required: true + schema: + type: string + post: + operationId: unenroll-agent + parameters: + - $ref: '#/components/parameters/Fleet_kbn_xsrf' + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + force: + type: boolean + revoke: + type: boolean + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + description: OK + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + error: + type: string + message: + type: string + statusCode: + enum: + - 400 + type: number + description: BAD REQUEST + summary: Unenroll agent + tags: + - Elastic Agents + /api/fleet/agents/{agentId}/upgrade: + parameters: + - in: path + name: agentId + required: true + schema: + type: string + post: + operationId: upgrade-agent + parameters: + - $ref: '#/components/parameters/Fleet_kbn_xsrf' + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Fleet_upgrade_agent' + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Fleet_upgrade_agent' + description: OK + '400': + $ref: '#/components/responses/Fleet_error' + summary: Upgrade agent + tags: + - Elastic Agents + /api/fleet/agents/{agentId}/uploads: + get: + operationId: list-agent-uploads + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + body: + type: object + properties: + item: + items: + $ref: '#/components/schemas/Fleet_agent_diagnostics' + type: array + description: OK + '400': + $ref: '#/components/responses/Fleet_error' + summary: List agent uploads + tags: + - Elastic Agents + parameters: + - in: path + name: agentId + required: true + schema: + type: string + /api/fleet/agents/action_status: + get: + operationId: agents-action-status + parameters: + - $ref: '#/components/parameters/Fleet_page_size' + - $ref: '#/components/parameters/Fleet_page_index' + - in: query + name: errorSize + schema: + default: 5 + type: integer + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + items: + items: + type: object + properties: + actionId: + type: string + cancellationTime: + type: string + completionTime: + type: string + creationTime: + description: creation time of action + type: string + expiration: + type: string + latestErrors: + description: >- + latest errors that happened when the agents executed + the action + items: + type: object + properties: + agentId: + type: string + error: + type: string + timestamp: + type: string + type: array + nbAgentsAck: + description: number of agents that acknowledged the action + type: number + nbAgentsActionCreated: + description: number of agents included in action from kibana + type: number + nbAgentsActioned: + description: number of agents actioned + type: number + nbAgentsFailed: + description: number of agents that failed to execute the action + type: number + newPolicyId: + description: new policy id (POLICY_REASSIGN action) + type: string + policyId: + description: policy id (POLICY_CHANGE action) + type: string + revision: + description: new policy revision (POLICY_CHANGE action) + type: string + startTime: + description: start time of action (scheduled actions) + type: string + status: + enum: + - COMPLETE + - EXPIRED + - CANCELLED + - FAILED + - IN_PROGRESS + - ROLLOUT_PASSED + type: string + type: + enum: + - POLICY_REASSIGN + - UPGRADE + - UNENROLL + - FORCE_UNENROLL + - UPDATE_TAGS + - CANCEL + - REQUEST_DIAGNOSTICS + - SETTINGS + - POLICY_CHANGE + - INPUT_ACTION + type: string + version: + description: agent version number (UPGRADE action) + type: string + required: + - actionId + - complete + - nbAgentsActioned + - nbAgentsActionCreated + - nbAgentsAck + - nbAgentsFailed + - status + - creationTime + - type + type: array + required: + - items + description: OK + '400': + $ref: '#/components/responses/Fleet_error' + summary: Get agent action status + tags: + - Elastic Agent actions + /api/fleet/agents/actions/{actionId}/cancel: + parameters: + - in: path + name: actionId + required: true + schema: + type: string + post: + operationId: agent-action-cancel + parameters: + - $ref: '#/components/parameters/Fleet_kbn_xsrf' + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + item: + $ref: '#/components/schemas/Fleet_agent_action' + description: OK + '400': + $ref: '#/components/responses/Fleet_error' + summary: Cancel agent action + tags: + - Elastic Agent actions + /api/fleet/agents/bulk_reassign: + post: + operationId: bulk-reassign-agents + parameters: + - $ref: '#/components/parameters/Fleet_kbn_xsrf' + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + example: + agents: 'fleet-agents.policy_id : ("policy1" or "policy2")' + policy_id: policy_id + schema: + type: object + properties: + agents: + oneOf: + - description: KQL query string, leave empty to action all agents + type: string + - description: list of agent IDs + items: + type: string + type: array + policy_id: + description: new agent policy id + type: string + required: + - policy_id + - agents + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + actionId: + type: string + description: OK + '400': + $ref: '#/components/responses/Fleet_error' + summary: Bulk reassign agents + tags: + - Elastic Agents + /api/fleet/agents/bulk_request_diagnostics: + post: + operationId: bulk-request-diagnostics + parameters: + - $ref: '#/components/parameters/Fleet_kbn_xsrf' + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + example: + agents: 'fleet-agents.policy_id : ("policy1" or "policy2")' + schema: + type: object + properties: + additional_metrics: + items: + oneOf: + - enum: + - CPU + type: string + type: array + agents: + oneOf: + - description: KQL query string, leave empty to action all agents + type: string + - description: list of agent IDs + items: + type: string + type: array + batchSize: + type: number + required: + - agents + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + actionId: + type: string + description: OK + '400': + $ref: '#/components/responses/Fleet_error' + summary: Bulk request diagnostics from agents + tags: + - Elastic Agents + /api/fleet/agents/bulk_unenroll: + post: + operationId: bulk-unenroll-agents + parameters: + - $ref: '#/components/parameters/Fleet_kbn_xsrf' + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + example: + agents: + - agent1 + - agent2 + force: false + revoke: true + schema: + type: object + properties: + agents: + oneOf: + - description: KQL query string, leave empty to action all agents + type: string + - description: list of agent IDs + items: + type: string + type: array + force: + description: Unenrolls hosted agents too + type: boolean + includeInactive: + description: >- + When passing agents by KQL query, unenrolls inactive agents + too + type: boolean + revoke: + description: Revokes API keys of agents + type: boolean + required: + - agents + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + actionId: + type: string + description: OK + '400': + $ref: '#/components/responses/Fleet_error' + summary: Bulk unenroll agents + tags: + - Elastic Agents + /api/fleet/agents/bulk_update_agent_tags: + post: + operationId: bulk-update-agent-tags + parameters: + - $ref: '#/components/parameters/Fleet_kbn_xsrf' + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + example: + agents: + - agent1 + - agent2 + tagsToAdd: + - newTag + tagsToRemove: + - existingTag + schema: + type: object + properties: + agents: + oneOf: + - description: KQL query string, leave empty to action all agents + type: string + - description: list of agent IDs + items: + type: string + type: array + batchSize: + type: number + tagsToAdd: + items: + type: string + type: array + tagsToRemove: + items: + type: string + type: array + required: + - agents + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + actionId: + type: string + description: OK + '400': + $ref: '#/components/responses/Fleet_error' + summary: Bulk update agent tags + tags: + - Elastic Agents + /api/fleet/agents/bulk_upgrade: + post: + operationId: bulk-upgrade-agents + parameters: + - $ref: '#/components/parameters/Fleet_kbn_xsrf' + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + example: + agents: + - agent1 + - agent2 + rollout_duration_seconds: 3600 + source_uri: https://artifacts.elastic.co/downloads/beats/elastic-agent + start_time: '2022-08-03T14:00:00.000Z' + version: 8.4.0 + schema: + $ref: '#/components/schemas/Fleet_bulk_upgrade_agents' + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + actionId: + type: string + description: OK + '400': + $ref: '#/components/responses/Fleet_error' + summary: Bulk upgrade agents + tags: + - Elastic Agents + /api/fleet/agents/files/{fileId}: + delete: + operationId: delete-agent-upload-file + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + body: + type: object + properties: + deleted: + type: boolean + id: + type: string + description: OK + '400': + $ref: '#/components/responses/Fleet_error' + summary: Delete file uploaded by agent + tags: + - Elastic Agents + parameters: + - in: path + name: fileId + required: true + schema: + type: string + /api/fleet/agents/files/{fileId}/{fileName}: + get: + operationId: get-agent-upload-file + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + body: + type: object + properties: + items: + type: object + properties: + body: {} + headers: {} + description: OK + '400': + $ref: '#/components/responses/Fleet_error' + summary: Get file uploaded by agent + tags: + - Elastic Agents + parameters: + - in: path + name: fileId + required: true + schema: + type: string + - in: path + name: fileName + required: true + schema: + type: string + /api/fleet/agents/setup: + get: + operationId: get-agents-setup-status + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Fleet_fleet_status_response' + description: OK + '400': + $ref: '#/components/responses/Fleet_error' + summary: Get agent setup info + tags: + - Elastic Agents + post: + operationId: setup-agents + parameters: + - $ref: '#/components/parameters/Fleet_kbn_xsrf' + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + admin_password: + type: string + admin_username: + type: string + required: + - admin_username + - admin_password + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Fleet_fleet_setup_response' + description: OK + '400': + $ref: '#/components/responses/Fleet_error' + summary: Initiate agent setup + tags: + - Elastic Agents + /api/fleet/agents/tags: + get: + operationId: get-agent-tags + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Fleet_get_agent_tags_response' + description: OK + '400': + $ref: '#/components/responses/Fleet_error' + summary: List agent tags + tags: + - Elastic Agents + /api/fleet/data_streams: + get: + operationId: data-streams-list + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + data_streams: + items: + $ref: '#/components/schemas/Fleet_data_stream' + type: array + description: OK + '400': + $ref: '#/components/responses/Fleet_error' + summary: List data streams + tags: + - Data streams + parameters: [] + /api/fleet/enrollment_api_keys: + get: + operationId: get-enrollment-api-keys + parameters: + - $ref: '#/components/parameters/Fleet_page_size' + - $ref: '#/components/parameters/Fleet_page_index' + - $ref: '#/components/parameters/Fleet_kuery' + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + items: + items: + $ref: '#/components/schemas/Fleet_enrollment_api_key' + type: array + list: + deprecated: true + items: + $ref: '#/components/schemas/Fleet_enrollment_api_key' + type: array + page: + type: number + perPage: + type: number + total: + type: number + required: + - items + - page + - perPage + - total + description: OK + '400': + $ref: '#/components/responses/Fleet_error' + summary: List enrollment API keys + tags: + - Fleet enrollment API keys + post: + operationId: create-enrollment-api-keys + parameters: + - $ref: '#/components/parameters/Fleet_kbn_xsrf' + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + name: + description: The name of the enrollment API key. Must be unique. + type: string + policy_id: + description: >- + The ID of the agent policy the Elastic Agent will be + enrolled in. + type: string + required: + - policy_id + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + action: + enum: + - created + type: string + item: + $ref: '#/components/schemas/Fleet_enrollment_api_key' + description: OK + '400': + $ref: '#/components/responses/Fleet_error' + summary: Create enrollment API key + tags: + - Fleet enrollment API keys + /api/fleet/enrollment_api_keys/{keyId}: + delete: + operationId: delete-enrollment-api-key + parameters: + - $ref: '#/components/parameters/Fleet_kbn_xsrf' + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + action: + enum: + - deleted + type: string + required: + - action + description: OK + '400': + $ref: '#/components/responses/Fleet_error' + summary: Revoke enrollment API key by ID by marking it as inactive + tags: + - Fleet enrollment API keys + get: + operationId: get-enrollment-api-key + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + item: + $ref: '#/components/schemas/Fleet_enrollment_api_key' + required: + - item + description: OK + '400': + $ref: '#/components/responses/Fleet_error' + summary: Get enrollment API key by ID + tags: + - Fleet enrollment API keys + parameters: + - in: path + name: keyId + required: true + schema: + type: string + /api/fleet/enrollment-api-keys: + get: + deprecated: true + operationId: get-enrollment-api-keys-deprecated + parameters: [] + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + items: + items: + $ref: '#/components/schemas/Fleet_enrollment_api_key' + type: array + list: + deprecated: true + items: + $ref: '#/components/schemas/Fleet_enrollment_api_key' + type: array + page: + type: number + perPage: + type: number + total: + type: number + required: + - items + - page + - perPage + - total + description: OK + '400': + $ref: '#/components/responses/Fleet_error' + summary: List enrollment API keys + tags: + - Fleet enrollment API keys + post: + deprecated: true + operationId: create-enrollment-api-keys-deprecated + parameters: + - $ref: '#/components/parameters/Fleet_kbn_xsrf' + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + action: + enum: + - created + type: string + item: + $ref: '#/components/schemas/Fleet_enrollment_api_key' + description: OK + '400': + $ref: '#/components/responses/Fleet_error' + summary: Create enrollment API key + tags: + - Fleet enrollment API keys + /api/fleet/enrollment-api-keys/{keyId}: + delete: + deprecated: true + operationId: delete-enrollment-api-key-deprecated + parameters: + - $ref: '#/components/parameters/Fleet_kbn_xsrf' + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + action: + enum: + - deleted + type: string + required: + - action + description: OK + '400': + $ref: '#/components/responses/Fleet_error' + summary: Delete enrollment API key by ID + tags: + - Fleet enrollment API keys + get: + deprecated: true + operationId: get-enrollment-api-key-deprecated + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + item: + $ref: '#/components/schemas/Fleet_enrollment_api_key' + required: + - item + description: OK + '400': + $ref: '#/components/responses/Fleet_error' + summary: Get enrollment API key by ID + tags: + - Fleet enrollment API keys + parameters: + - in: path + name: keyId + required: true + schema: + type: string + /api/fleet/epm/bulk_assets: + post: + operationId: bulk-get-assets + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + assetIds: + description: list of items necessary to fetch assets + items: + type: object + properties: + id: + type: string + type: + type: string + type: array + required: + - assetIds + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Fleet_get_bulk_assets_response' + description: OK + '400': + $ref: '#/components/responses/Fleet_error' + summary: Bulk get assets + tags: + - Elastic Package Manager (EPM) + /api/fleet/epm/categories: + get: + operationId: get-package-categories + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Fleet_get_categories_response' + description: OK + '400': + $ref: '#/components/responses/Fleet_error' + summary: List package categories + tags: + - Elastic Package Manager (EPM) + parameters: + - description: >- + Whether to include prerelease packages in categories count (e.g. beta, + rc, preview) + in: query + name: prerelease + schema: + default: false + type: boolean + - deprecated: true + in: query + name: experimental + schema: + default: false + type: boolean + - in: query + name: include_policy_templates + schema: + default: false + type: boolean + /api/fleet/epm/packages: + get: + operationId: list-all-packages + parameters: + - description: >- + Whether to exclude the install status of each package. Enabling this + option will opt in to caching for the response via `cache-control` + headers. If you don't need up-to-date installation info for a + package, and are querying for a list of available packages, + providing this flag can improve performance substantially. + in: query + name: excludeInstallStatus + schema: + default: false + type: boolean + - description: >- + Whether to return prerelease versions of packages (e.g. beta, rc, + preview) + in: query + name: prerelease + schema: + default: false + type: boolean + - deprecated: true + in: query + name: experimental + schema: + default: false + type: boolean + - in: query + name: category + schema: + type: string + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Fleet_get_packages_response' + description: OK + '400': + $ref: '#/components/responses/Fleet_error' + summary: List packages + tags: + - Elastic Package Manager (EPM) + post: + description: '' + operationId: install-package-by-upload + parameters: + - $ref: '#/components/parameters/Fleet_kbn_xsrf' + - description: avoid erroring out on unexpected mapping update errors + in: query + name: ignoreMappingUpdateErrors + schema: + default: false + type: boolean + - description: >- + Skip data stream rollover during index template mapping or settings + update + in: query + name: skipDataStreamRollover + schema: + default: false + type: boolean + requestBody: + content: + application/gzip; Elastic-Api-Version=2023-10-31: + schema: + format: binary + type: string + application/zip; Elastic-Api-Version=2023-10-31: + schema: + format: binary + type: string + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + _meta: + type: object + properties: + install_source: + enum: + - upload + - registry + - bundled + type: string + items: + items: + type: object + properties: + id: + type: string + type: + oneOf: + - $ref: >- + #/components/schemas/Fleet_kibana_saved_object_type + - $ref: >- + #/components/schemas/Fleet_elasticsearch_asset_type + required: + - id + - type + type: array + required: + - items + description: OK + '400': + $ref: '#/components/responses/Fleet_error' + '429': + $ref: '#/components/responses/Fleet_error' + summary: Install by package by direct upload + tags: + - Elastic Package Manager (EPM) + /api/fleet/epm/packages/_bulk: + post: + operationId: bulk-install-packages + parameters: + - description: >- + Whether to return prerelease versions of packages (e.g. beta, rc, + preview) + in: query + name: prerelease + schema: + default: false + type: boolean + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + force: + description: force install to ignore package verification errors + type: boolean + packages: + description: list of packages to install + items: + oneOf: + - description: package name + type: string + - type: object + properties: + name: + description: package name + type: string + version: + description: package version + type: string + type: array + required: + - packages + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Fleet_bulk_install_packages_response' + description: OK + '400': + $ref: '#/components/responses/Fleet_error' + summary: Bulk install packages + tags: + - Elastic Package Manager (EPM) + /api/fleet/epm/packages/{pkgkey}: + delete: + deprecated: true + operationId: delete-package-deprecated + parameters: + - $ref: '#/components/parameters/Fleet_kbn_xsrf' + - in: path + name: pkgkey + required: true + schema: + type: string + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + force: + type: boolean + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + response: + items: + type: object + properties: + id: + type: string + type: + oneOf: + - $ref: >- + #/components/schemas/Fleet_kibana_saved_object_type + - $ref: >- + #/components/schemas/Fleet_elasticsearch_asset_type + required: + - id + - type + type: array + required: + - response + description: OK + '400': + $ref: '#/components/responses/Fleet_error' + summary: Delete ackage + tags: + - Elastic Package Manager (EPM) + get: + deprecated: true + operationId: get-package-deprecated + parameters: + - in: path + name: pkgkey + required: true + schema: + type: string + - description: >- + Whether to return prerelease versions of packages (e.g. beta, rc, + preview) + in: query + name: prerelease + schema: + default: false + type: boolean + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + allOf: + - properties: + response: + $ref: '#/components/schemas/Fleet_package_info' + - properties: + savedObject: + type: string + status: + enum: + - installed + - installing + - install_failed + - not_installed + type: string + required: + - status + - savedObject + type: object + description: OK + '400': + $ref: '#/components/responses/Fleet_error' + summary: Get package + tags: + - Elastic Package Manager (EPM) + post: + deprecated: true + description: '' + operationId: install-package-deprecated + parameters: + - $ref: '#/components/parameters/Fleet_kbn_xsrf' + - in: path + name: pkgkey + required: true + schema: + type: string + - description: avoid erroring out on unexpected mapping update errors + in: query + name: ignoreMappingUpdateErrors + schema: + default: false + type: boolean + - description: >- + Skip data stream rollover during index template mapping or settings + update + in: query + name: skipDataStreamRollover + schema: + default: false + type: boolean + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + force: + type: boolean + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + response: + items: + type: object + properties: + id: + type: string + type: + oneOf: + - $ref: >- + #/components/schemas/Fleet_kibana_saved_object_type + - $ref: >- + #/components/schemas/Fleet_elasticsearch_asset_type + required: + - id + - type + type: array + required: + - response + description: OK + '400': + $ref: '#/components/responses/Fleet_error' + summary: Install package + tags: + - Elastic Package Manager (EPM) + /api/fleet/epm/packages/{pkgName}/{pkgVersion}: + delete: + operationId: delete-package + parameters: + - $ref: '#/components/parameters/Fleet_kbn_xsrf' + - description: delete package even if policies used by agents + in: query + name: force + schema: + type: boolean + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + deprecated: true + type: object + properties: + force: + type: boolean + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + items: + items: + type: object + properties: + id: + type: string + type: + oneOf: + - $ref: >- + #/components/schemas/Fleet_kibana_saved_object_type + - $ref: >- + #/components/schemas/Fleet_elasticsearch_asset_type + required: + - id + - type + type: array + required: + - items + description: OK + '400': + $ref: '#/components/responses/Fleet_error' + summary: Delete package + tags: + - Elastic Package Manager (EPM) + get: + operationId: get-package + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + allOf: + - properties: + item: + $ref: '#/components/schemas/Fleet_package_info' + - properties: + keepPoliciesUpToDate: + type: boolean + latestVersion: + type: string + licensePath: + type: string + notice: + type: string + savedObject: + deprecated: true + type: object + status: + enum: + - installed + - installing + - install_failed + - not_installed + type: string + required: + - status + - savedObject + type: object + description: OK + '400': + $ref: '#/components/responses/Fleet_error' + summary: Get package + tags: + - Elastic Package Manager (EPM) + parameters: + - in: path + name: pkgName + required: true + schema: + type: string + - in: path + name: pkgVersion + required: true + schema: + type: string + - description: Ignore if the package is fails signature verification + in: query + name: ignoreUnverified + schema: + type: boolean + - description: >- + Return all fields from the package manifest, not just those supported + by the Elastic Package Registry + in: query + name: full + schema: + type: boolean + - description: >- + Whether to return prerelease versions of packages (e.g. beta, rc, + preview) + in: query + name: prerelease + schema: + default: false + type: boolean + post: + description: '' + operationId: install-package + parameters: + - $ref: '#/components/parameters/Fleet_kbn_xsrf' + - description: avoid erroring out on unexpected mapping update errors + in: query + name: ignoreMappingUpdateErrors + schema: + default: false + type: boolean + - description: >- + Skip data stream rollover during index template mapping or settings + update + in: query + name: skipDataStreamRollover + schema: + default: false + type: boolean + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + force: + type: boolean + ignore_constraints: + type: boolean + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + _meta: + type: object + properties: + install_source: + enum: + - registry + - upload + - bundled + type: string + items: + items: + type: object + properties: + id: + type: string + type: + oneOf: + - $ref: >- + #/components/schemas/Fleet_kibana_saved_object_type + - $ref: >- + #/components/schemas/Fleet_elasticsearch_asset_type + required: + - id + - type + type: array + required: + - items + description: OK + '400': + $ref: '#/components/responses/Fleet_error' + summary: Install package + tags: + - Elastic Package Manager (EPM) + put: + description: '' + operationId: update-package + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + keepPoliciesUpToDate: + type: boolean + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + items: + items: + type: object + properties: + id: + type: string + type: + oneOf: + - $ref: >- + #/components/schemas/Fleet_kibana_saved_object_type + - $ref: >- + #/components/schemas/Fleet_elasticsearch_asset_type + required: + - id + - type + type: array + required: + - items + description: OK + '400': + $ref: '#/components/responses/Fleet_error' + summary: Update package settings + tags: + - Elastic Package Manager (EPM) + /api/fleet/epm/packages/{pkgName}/{pkgVersion}/{filePath}: + get: + operationId: packages-get-file + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + body: + type: object + headers: + type: object + statusCode: + type: number + description: OK + '400': + $ref: '#/components/responses/Fleet_error' + summary: Get package file + tags: + - Elastic Package Manager (EPM) + parameters: + - in: path + name: pkgName + required: true + schema: + type: string + - in: path + name: pkgVersion + required: true + schema: + type: string + - in: path + name: filePath + required: true + schema: + type: string + /api/fleet/epm/packages/{pkgName}/{pkgVersion}/transforms/authorize: + post: + description: '' + operationId: reauthorize-transforms + parameters: + - $ref: '#/components/parameters/Fleet_kbn_xsrf' + - in: path + name: pkgName + required: true + schema: + type: string + - in: path + name: pkgVersion + required: true + schema: + type: string + - description: >- + Whether to include prerelease packages in categories count (e.g. + beta, rc, preview) + in: query + name: prerelease + schema: + default: false + type: boolean + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + transforms: + items: + type: object + properties: + transformId: + type: string + type: array + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + items: + items: + type: object + properties: + error: + type: string + success: + type: boolean + transformId: + type: string + required: + - transformId + - error + type: array + required: + - items + description: OK + '400': + $ref: '#/components/responses/Fleet_error' + summary: Authorize transforms + tags: + - Elastic Package Manager (EPM) + /api/fleet/epm/packages/{pkgName}/stats: + get: + operationId: get-package-stats + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + response: + $ref: '#/components/schemas/Fleet_package_usage_stats' + required: + - response + description: OK + '400': + $ref: '#/components/responses/Fleet_error' + summary: Get package stats + tags: + - Elastic Package Manager (EPM) + parameters: + - in: path + name: pkgName + required: true + schema: + type: string + /api/fleet/epm/packages/limited: + get: + operationId: list-limited-packages + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + items: + items: + type: string + type: array + description: OK + '400': + $ref: '#/components/responses/Fleet_error' + summary: Get limited package list + tags: + - Elastic Package Manager (EPM) + parameters: [] + /api/fleet/epm/templates/{pkgName}/{pkgVersion}/inputs: + get: + operationId: get-inputs-template + responses: + '200': + description: OK + '400': + $ref: '#/components/responses/Fleet_error' + summary: Get inputs template + tags: + - Elastic Package Manager (EPM) + parameters: + - in: path + name: pkgName + required: true + schema: + type: string + - in: path + name: pkgVersion + required: true + schema: + type: string + - description: Format of response - json or yaml + in: query + name: format + schema: + enum: + - json + - yaml + - yml + type: string + - description: Specify if version is prerelease + in: query + name: prerelease + schema: + type: boolean + - description: Ignore if the package is fails signature verification + in: query + name: ignoreUnverified + schema: + type: boolean + /api/fleet/epm/verification_key_id: + get: + operationId: packages-get-verification-key-id + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + body: + type: object + properties: + id: + description: >- + the key ID of the GPG key used to verify package + signatures + nullable: true + type: string + headers: + type: object + statusCode: + type: number + description: OK + '400': + $ref: '#/components/responses/Fleet_error' + summary: Get package signature verification key ID + tags: + - Elastic Package Manager (EPM) + parameters: [] + /api/fleet/fleet_server_hosts: + get: + operationId: get-fleet-server-hosts + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + items: + items: + $ref: '#/components/schemas/Fleet_fleet_server_host' + type: array + page: + type: integer + perPage: + type: integer + total: + type: integer + description: OK + '400': + $ref: '#/components/responses/Fleet_error' + summary: List Fleet Server hosts + tags: + - Fleet Server hosts + post: + operationId: post-fleet-server-hosts + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + host_urls: + items: + type: string + type: array + id: + type: string + is_default: + type: boolean + is_internal: + type: boolean + name: + type: string + proxy_id: + description: >- + The ID of the proxy to use for this fleet server host. See + the proxies API for more information. + type: string + required: + - name + - host_urls + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + item: + $ref: '#/components/schemas/Fleet_fleet_server_host' + description: OK + '400': + $ref: '#/components/responses/Fleet_error' + summary: Create Fleet Server host + tags: + - Fleet Server hosts + /api/fleet/fleet_server_hosts/{itemId}: + delete: + operationId: delete-fleet-server-hosts + parameters: + - $ref: '#/components/parameters/Fleet_kbn_xsrf' + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + id: + type: string + required: + - id + description: OK + '400': + $ref: '#/components/responses/Fleet_error' + summary: Delete Fleet Server host by ID + tags: + - Fleet Server hosts + get: + operationId: get-one-fleet-server-hosts + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + item: + $ref: '#/components/schemas/Fleet_fleet_server_host' + required: + - item + description: OK + '400': + $ref: '#/components/responses/Fleet_error' + summary: Get Fleet Server host by ID + tags: + - Fleet Server hosts + parameters: + - in: path + name: itemId + required: true + schema: + type: string + put: + operationId: update-fleet-server-hosts + parameters: + - $ref: '#/components/parameters/Fleet_kbn_xsrf' + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + host_urls: + items: + type: string + type: array + is_default: + type: boolean + is_internal: + type: boolean + name: + type: string + proxy_id: + description: >- + The ID of the proxy to use for this fleet server host. See + the proxies API for more information. + nullable: true + type: string + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + item: + $ref: '#/components/schemas/Fleet_fleet_server_host' + required: + - item + description: OK + '400': + $ref: '#/components/responses/Fleet_error' + summary: Update Fleet Server host by ID + tags: + - Fleet Server hosts + /api/fleet/health_check: + post: + operationId: fleet-server-health-check + parameters: + - $ref: '#/components/parameters/Fleet_kbn_xsrf' + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + host: + deprecated: true + type: string + id: + type: string + required: + - id + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + host: + deprecated: true + type: string + id: + description: Fleet Server host id + type: string + status: + type: string + description: OK + '400': + $ref: '#/components/responses/Fleet_error' + summary: Fleet Server health check + tags: + - Fleet internals + /api/fleet/kubernetes: + get: + operationId: get-full-k8s-manifest + parameters: + - in: query + name: download + required: false + schema: + type: boolean + - in: query + name: fleetServer + required: false + schema: + type: string + - in: query + name: enrolToken + required: false + schema: + type: string + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + item: + type: string + description: OK + '400': + $ref: '#/components/responses/Fleet_error' + summary: Get full K8s agent manifest + tags: + - Fleet Kubernetes + /api/fleet/logstash_api_keys: + post: + operationId: generate-logstash-api-key + parameters: + - $ref: '#/components/parameters/Fleet_kbn_xsrf' + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + api_key: + type: string + description: OK + '400': + $ref: '#/components/responses/Fleet_error' + summary: Generate Logstash API key + tags: + - Fleet outputs + /api/fleet/outputs: + get: + operationId: get-outputs + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + items: + items: + $ref: '#/components/schemas/Fleet_output_create_request' + type: array + page: + type: integer + perPage: + type: integer + total: + type: integer + description: OK + '400': + $ref: '#/components/responses/Fleet_error' + summary: List outputs + tags: + - Fleet outputs + post: + operationId: post-outputs + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Fleet_output_create_request' + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + item: + $ref: '#/components/schemas/Fleet_output_create_request' + description: OK + '400': + $ref: '#/components/responses/Fleet_error' + summary: Create output + tags: + - Fleet outputs + /api/fleet/outputs/{outputId}: + delete: + operationId: delete-output + parameters: + - $ref: '#/components/parameters/Fleet_kbn_xsrf' + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + id: + type: string + required: + - id + description: OK + '400': + $ref: '#/components/responses/Fleet_error' + summary: Delete output by ID + tags: + - Fleet outputs + get: + operationId: get-output + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + item: + $ref: '#/components/schemas/Fleet_output_create_request' + description: OK + '400': + $ref: '#/components/responses/Fleet_error' + summary: Get output by ID + tags: + - Fleet outputs + parameters: + - in: path + name: outputId + required: true + schema: + type: string + put: + operationId: update-output + parameters: + - $ref: '#/components/parameters/Fleet_kbn_xsrf' + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Fleet_output_update_request' + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + item: + $ref: '#/components/schemas/Fleet_output_update_request' + description: OK + '400': + $ref: '#/components/responses/Fleet_error' + summary: Update output by ID + tags: + - Fleet outputs + /api/fleet/outputs/{outputId}/health: + get: + operationId: get-output-health + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + message: + description: long message if unhealthy + type: string + state: + description: state of output, HEALTHY or DEGRADED + type: string + timestamp: + description: timestamp of reported state + type: string + description: OK + '400': + $ref: '#/components/responses/Fleet_error' + summary: Get latest output health + tags: + - Fleet outputs + parameters: + - in: path + name: outputId + required: true + schema: + type: string + /api/fleet/package_policies: + get: + operationId: get-package-policies + parameters: + - $ref: '#/components/parameters/Fleet_page_size' + - $ref: '#/components/parameters/Fleet_page_index' + - $ref: '#/components/parameters/Fleet_kuery' + - $ref: '#/components/parameters/Fleet_format' + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + items: + items: + $ref: '#/components/schemas/Fleet_package_policy' + type: array + page: + type: number + perPage: + type: number + total: + type: number + required: + - items + description: OK + '400': + $ref: '#/components/responses/Fleet_error' + summary: List package policies + tags: + - Fleet package policies + parameters: [] + post: + operationId: create-package-policy + parameters: + - $ref: '#/components/parameters/Fleet_kbn_xsrf' + - $ref: '#/components/parameters/Fleet_format' + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Fleet_package_policy_request' + description: >- + You should use inputs as an object and not use the deprecated inputs + array. + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + item: + $ref: '#/components/schemas/Fleet_package_policy' + required: + - item + description: OK + '400': + $ref: '#/components/responses/Fleet_error' + '409': + $ref: '#/components/responses/Fleet_error' + summary: Create package policy + tags: + - Fleet package policies + /api/fleet/package_policies/_bulk_get: + post: + operationId: bulk-get-package-policies + parameters: + - $ref: '#/components/parameters/Fleet_format' + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + ids: + description: list of package policy ids + items: + type: string + type: array + ignoreMissing: + type: boolean + required: + - ids + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + items: + items: + $ref: '#/components/schemas/Fleet_package_policy' + type: array + required: + - items + description: OK + '400': + $ref: '#/components/responses/Fleet_error' + summary: Bulk get package policies + tags: + - Fleet package policies + /api/fleet/package_policies/{packagePolicyId}: + delete: + operationId: delete-package-policy + parameters: + - in: query + name: force + schema: + type: boolean + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + id: + type: string + required: + - id + description: OK + '400': + $ref: '#/components/responses/Fleet_error' + summary: Delete package policy by ID + tags: + - Fleet package policies + get: + operationId: get-package-policy + parameters: + - $ref: '#/components/parameters/Fleet_format' + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + item: + $ref: '#/components/schemas/Fleet_package_policy' + required: + - item + description: OK + '400': + $ref: '#/components/responses/Fleet_error' + summary: Get package policy by ID + tags: + - Fleet package policies + parameters: + - in: path + name: packagePolicyId + required: true + schema: + type: string + put: + operationId: update-package-policy + parameters: + - $ref: '#/components/parameters/Fleet_kbn_xsrf' + - $ref: '#/components/parameters/Fleet_format' + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Fleet_package_policy_request' + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + item: + $ref: '#/components/schemas/Fleet_package_policy' + sucess: + type: boolean + required: + - item + - sucess + description: OK + '400': + $ref: '#/components/responses/Fleet_error' + summary: Update package policy by ID + tags: + - Fleet package policies + /api/fleet/package_policies/delete: + post: + operationId: post-delete-package-policy + parameters: + - $ref: '#/components/parameters/Fleet_kbn_xsrf' + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + force: + type: boolean + packagePolicyIds: + items: + type: string + type: array + required: + - packagePolicyIds + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + items: + type: object + properties: + id: + type: string + name: + type: string + success: + type: boolean + required: + - id + - success + type: array + description: OK + '400': + $ref: '#/components/responses/Fleet_error' + summary: Delete package policy + tags: + - Fleet package policies + /api/fleet/package_policies/upgrade: + post: + operationId: upgrade-package-policy + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + packagePolicyIds: + items: + type: string + type: array + required: + - packagePolicyIds + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + items: + type: object + properties: + id: + type: string + name: + type: string + success: + type: boolean + required: + - id + - success + type: array + description: OK + '400': + $ref: '#/components/responses/Fleet_error' + '409': + $ref: '#/components/responses/Fleet_error' + summary: Upgrade package policy to a newer package version + tags: + - Fleet package policies + /api/fleet/package_policies/upgrade/dryrun: + post: + operationId: upgrade-package-policy-dry-run + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + packagePolicyIds: + items: + type: string + type: array + packageVersion: + type: string + required: + - packagePolicyIds + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + items: + type: object + properties: + agent_diff: + $ref: '#/components/schemas/Fleet_upgrade_agent_diff' + diff: + $ref: '#/components/schemas/Fleet_upgrade_diff' + hasErrors: + type: boolean + required: + - hasErrors + type: array + description: OK + '400': + $ref: '#/components/responses/Fleet_error' + summary: Dry run package policy upgrade + tags: + - Fleet package policies + /api/fleet/proxies: + get: + operationId: get-fleet-proxies + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + items: + items: + $ref: '#/components/schemas/Fleet_proxies' + type: array + page: + type: integer + perPage: + type: integer + total: + type: integer + description: OK + '400': + $ref: '#/components/responses/Fleet_error' + summary: List proxies + tags: + - Fleet proxies + post: + operationId: post-fleet-proxies + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + certificate: + type: string + certificate_authorities: + type: string + certificate_key: + type: string + id: + type: string + name: + type: string + proxy_headers: + type: object + url: + type: string + required: + - name + - url + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + item: + $ref: '#/components/schemas/Fleet_proxies' + description: OK + '400': + $ref: '#/components/responses/Fleet_error' + summary: Create proxy + tags: + - Fleet proxies + /api/fleet/proxies/{itemId}: + delete: + operationId: delete-fleet-proxies + parameters: + - $ref: '#/components/parameters/Fleet_kbn_xsrf' + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + id: + type: string + required: + - id + description: OK + '400': + $ref: '#/components/responses/Fleet_error' + summary: Delete proxy by ID + tags: + - Fleet proxies + get: + operationId: get-one-fleet-proxies + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + item: + $ref: '#/components/schemas/Fleet_proxies' + required: + - item + description: OK + '400': + $ref: '#/components/responses/Fleet_error' + summary: Get proxy by ID + tags: + - Fleet proxies + parameters: + - in: path + name: itemId + required: true + schema: + type: string + put: + operationId: update-fleet-proxies + parameters: + - $ref: '#/components/parameters/Fleet_kbn_xsrf' + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + certificate: + type: string + certificate_authorities: + type: string + certificate_key: + type: string + name: + type: string + proxy_headers: + type: object + url: + type: string + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + item: + $ref: '#/components/schemas/Fleet_proxies' + required: + - item + description: OK + '400': + $ref: '#/components/responses/Fleet_error' + summary: Update proxy by ID + tags: + - Fleet proxies + /api/fleet/service_tokens: + post: + operationId: generate-service-token + parameters: + - $ref: '#/components/parameters/Fleet_kbn_xsrf' + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + name: + type: string + value: + type: string + description: OK + '400': + $ref: '#/components/responses/Fleet_error' + summary: Create service token + tags: + - Fleet service tokens + /api/fleet/service-tokens: + post: + deprecated: true + operationId: generate-service-token-deprecated + parameters: + - $ref: '#/components/parameters/Fleet_kbn_xsrf' + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + name: + type: string + value: + type: string + description: OK + '400': + $ref: '#/components/responses/Fleet_error' + summary: Create service token + tags: + - Fleet service tokens + /api/fleet/settings: + get: + operationId: get-settings + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Fleet_fleet_settings_response' + description: OK + '400': + $ref: '#/components/responses/Fleet_error' + summary: Get settings + tags: + - Fleet internals + put: + operationId: update-settings + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + additional_yaml_config: + type: string + fleet_server_hosts: + description: Protocol and path must be the same for each URL + items: + type: string + type: array + has_seen_add_data_notice: + type: boolean + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Fleet_fleet_settings_response' + description: OK + '400': + $ref: '#/components/responses/Fleet_error' + summary: Update settings + tags: + - Fleet internals + /api/fleet/setup: + post: + operationId: setup + parameters: + - $ref: '#/components/parameters/Fleet_kbn_xsrf' + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Fleet_fleet_setup_response' + description: OK + '400': + $ref: '#/components/responses/Fleet_error' + '500': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + message: + type: string + description: Internal Server Error + summary: Initiate Fleet setup + tags: + - Fleet internals + /api/fleet/uninstall_tokens: + get: + operationId: get-uninstall-tokens + parameters: + - description: The number of items to return + in: query + name: perPage + required: false + schema: + default: 20 + minimum: 5 + type: integer + - $ref: '#/components/parameters/Fleet_page_index' + - description: Partial match filtering for policy IDs + in: query + name: policyId + required: false + schema: + type: string + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + items: + items: + type: object + properties: + created_at: + type: string + id: + type: string + policy_id: + type: string + required: + - id + - policy_id + - created_at + type: array + page: + type: number + perPage: + type: number + total: + type: number + required: + - items + - total + - page + - perPage + description: OK + '400': + $ref: '#/components/responses/Fleet_error' + summary: List metadata for latest uninstall tokens per agent policy + tags: + - Fleet uninstall tokens + /api/fleet/uninstall_tokens/{uninstallTokenId}: + get: + operationId: get-uninstall-token + parameters: + - in: path + name: uninstallTokenId + required: true + schema: + type: string + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + item: + type: object + properties: + created_at: + type: string + id: + type: string + policy_id: + type: string + token: + type: string + required: + - id + - token + - policy_id + - created_at + required: + - item + description: OK + '400': + $ref: '#/components/responses/Fleet_error' + summary: Get one decrypted uninstall token by its ID + tags: + - Fleet uninstall tokens + /api/lists: + delete: + description: | + Delete a list using the list ID. + > info + > When you delete a list, all of its list items are also deleted. + operationId: DeleteList + parameters: + - description: List's `id` value + in: query + name: id + required: true + schema: + $ref: '#/components/schemas/Security_Solution_Lists_API_ListId' + - in: query + name: deleteReferences + required: false + schema: + default: false + type: boolean + - in: query + name: ignoreReferences + required: false + schema: + default: false + type: boolean + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Security_Solution_Lists_API_List' + description: Successful response + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + oneOf: + - $ref: >- + #/components/schemas/Security_Solution_Lists_API_PlatformErrorResponse + - $ref: >- + #/components/schemas/Security_Solution_Lists_API_SiemErrorResponse + description: Invalid input data response + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_PlatformErrorResponse + description: Unsuccessful authentication response + '403': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_PlatformErrorResponse + description: Not enough privileges response + '404': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_SiemErrorResponse + description: List not found response + '500': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_SiemErrorResponse + description: Internal server error response + summary: Delete a list + tags: + - Security Solution Lists API + get: + description: Get the details of a list using the list ID. + operationId: ReadList + parameters: + - description: List's `id` value + in: query + name: id + required: true + schema: + $ref: '#/components/schemas/Security_Solution_Lists_API_ListId' + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Security_Solution_Lists_API_List' + description: Successful response + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + oneOf: + - $ref: >- + #/components/schemas/Security_Solution_Lists_API_PlatformErrorResponse + - $ref: >- + #/components/schemas/Security_Solution_Lists_API_SiemErrorResponse + description: Invalid input data response + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_PlatformErrorResponse + description: Unsuccessful authentication response + '403': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_PlatformErrorResponse + description: Not enough privileges response + '404': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_SiemErrorResponse + description: List not found response + '500': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_SiemErrorResponse + description: Internal server error response + summary: Get list details + tags: + - Security Solution Lists API + patch: + description: Update specific fields of an existing list using the list ID. + operationId: PatchList + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + _version: + type: string + description: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_ListDescription + id: + $ref: '#/components/schemas/Security_Solution_Lists_API_ListId' + meta: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_ListMetadata + name: + $ref: '#/components/schemas/Security_Solution_Lists_API_ListName' + version: + minimum: 1 + type: integer + required: + - id + description: List's properties + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Security_Solution_Lists_API_List' + description: Successful response + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + oneOf: + - $ref: >- + #/components/schemas/Security_Solution_Lists_API_PlatformErrorResponse + - $ref: >- + #/components/schemas/Security_Solution_Lists_API_SiemErrorResponse + description: Invalid input data response + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_PlatformErrorResponse + description: Unsuccessful authentication response + '403': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_PlatformErrorResponse + description: Not enough privileges response + '404': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_SiemErrorResponse + description: List not found response + '500': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_SiemErrorResponse + description: Internal server error response + summary: Patch a list + tags: + - Security Solution Lists API + post: + description: Create a new list. + operationId: CreateList + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + description: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_ListDescription + deserializer: + type: string + id: + $ref: '#/components/schemas/Security_Solution_Lists_API_ListId' + meta: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_ListMetadata + name: + $ref: '#/components/schemas/Security_Solution_Lists_API_ListName' + serializer: + type: string + type: + $ref: '#/components/schemas/Security_Solution_Lists_API_ListType' + version: + default: 1 + minimum: 1 + type: integer + required: + - name + - description + - type + description: List's properties + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Security_Solution_Lists_API_List' + description: Successful response + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + oneOf: + - $ref: >- + #/components/schemas/Security_Solution_Lists_API_PlatformErrorResponse + - $ref: >- + #/components/schemas/Security_Solution_Lists_API_SiemErrorResponse + description: Invalid input data response + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_PlatformErrorResponse + description: Unsuccessful authentication response + '403': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_PlatformErrorResponse + description: Not enough privileges response + '409': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_SiemErrorResponse + description: List already exists response + '500': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_SiemErrorResponse + description: Internal server error response + summary: Create a list + tags: + - Security Solution Lists API + put: + description: > + Update a list using the list ID. The original list is replaced, and all + unspecified fields are deleted. + + > info + + > You cannot modify the `id` value. + operationId: UpdateList + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + _version: + type: string + description: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_ListDescription + id: + $ref: '#/components/schemas/Security_Solution_Lists_API_ListId' + meta: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_ListMetadata + name: + $ref: '#/components/schemas/Security_Solution_Lists_API_ListName' + version: + minimum: 1 + type: integer + required: + - id + - name + - description + description: List's properties + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Security_Solution_Lists_API_List' + description: Successful response + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + oneOf: + - $ref: >- + #/components/schemas/Security_Solution_Lists_API_PlatformErrorResponse + - $ref: >- + #/components/schemas/Security_Solution_Lists_API_SiemErrorResponse + description: Invalid input data response + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_PlatformErrorResponse + description: Unsuccessful authentication response + '403': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_PlatformErrorResponse + description: Not enough privileges response + '404': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_SiemErrorResponse + description: List not found response + '500': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_SiemErrorResponse + description: Internal server error response + summary: Update a list + tags: + - Security Solution Lists API + /api/lists/_find: + get: + description: >- + Get a paginated subset of lists. By default, the first page is returned, + with 20 results per page. + operationId: FindLists + parameters: + - description: The page number to return + in: query + name: page + required: false + schema: + type: integer + - description: The number of lists to return per page + in: query + name: per_page + required: false + schema: + type: integer + - description: Determines which field is used to sort the results + in: query + name: sort_field + required: false + schema: + $ref: '#/components/schemas/Security_Solution_Lists_API_NonEmptyString' + - description: Determines the sort order, which can be `desc` or `asc` + in: query + name: sort_order + required: false + schema: + enum: + - desc + - asc + type: string + - description: > + Returns the list that come after the last list returned in the + previous call + + (use the cursor value returned in the previous call). This parameter + uses + + the `tie_breaker_id` field to ensure all lists are sorted and + returned correctly. + in: query + name: cursor + required: false + schema: + $ref: '#/components/schemas/Security_Solution_Lists_API_FindListsCursor' + - description: > + Filters the returned results according to the value of the specified + field, + + using the : syntax. + in: query + name: filter + required: false + schema: + $ref: '#/components/schemas/Security_Solution_Lists_API_FindListsFilter' + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + cursor: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_FindListsCursor + data: + items: + $ref: '#/components/schemas/Security_Solution_Lists_API_List' + type: array + page: + minimum: 0 + type: integer + per_page: + minimum: 0 + type: integer + total: + minimum: 0 + type: integer + required: + - data + - page + - per_page + - total + - cursor + description: Successful response + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + oneOf: + - $ref: >- + #/components/schemas/Security_Solution_Lists_API_PlatformErrorResponse + - $ref: >- + #/components/schemas/Security_Solution_Lists_API_SiemErrorResponse + description: Invalid input data response + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_PlatformErrorResponse + description: Unsuccessful authentication response + '403': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_PlatformErrorResponse + description: Not enough privileges response + '500': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_SiemErrorResponse + description: Internal server error response + summary: Get lists + tags: + - Security Solution Lists API + /api/lists/index: + delete: + description: Delete the `.lists` and `.items` data streams. + operationId: DeleteListIndex + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + acknowledged: + type: boolean + required: + - acknowledged + description: Successful response + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + oneOf: + - $ref: >- + #/components/schemas/Security_Solution_Lists_API_PlatformErrorResponse + - $ref: >- + #/components/schemas/Security_Solution_Lists_API_SiemErrorResponse + description: Invalid input data response + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_PlatformErrorResponse + description: Unsuccessful authentication response + '403': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_PlatformErrorResponse + description: Not enough privileges response + '404': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_SiemErrorResponse + description: List data stream not found response + '500': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_SiemErrorResponse + description: Internal server error response + summary: Delete list data streams + tags: + - Security Solution Lists API + get: + description: Verify that `.lists` and `.items` data streams exist. + operationId: ReadListIndex + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + list_index: + type: boolean + list_item_index: + type: boolean + required: + - list_index + - list_item_index + description: Successful response + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + oneOf: + - $ref: >- + #/components/schemas/Security_Solution_Lists_API_PlatformErrorResponse + - $ref: >- + #/components/schemas/Security_Solution_Lists_API_SiemErrorResponse + description: Invalid input data response + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_PlatformErrorResponse + description: Unsuccessful authentication response + '403': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_PlatformErrorResponse + description: Not enough privileges response + '404': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_SiemErrorResponse + description: List data stream(s) not found response + '500': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_SiemErrorResponse + description: Internal server error response + summary: Get status of list data streams + tags: + - Security Solution Lists API + post: + description: Create `.lists` and `.items` data streams in the relevant space. + operationId: CreateListIndex + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + acknowledged: + type: boolean + required: + - acknowledged + description: Successful response + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + oneOf: + - $ref: >- + #/components/schemas/Security_Solution_Lists_API_PlatformErrorResponse + - $ref: >- + #/components/schemas/Security_Solution_Lists_API_SiemErrorResponse + description: Invalid input data response + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_PlatformErrorResponse + description: Unsuccessful authentication response + '403': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_PlatformErrorResponse + description: Not enough privileges response + '409': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_SiemErrorResponse + description: List data stream exists response + '500': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_SiemErrorResponse + description: Internal server error response + summary: Create list data streams + tags: + - Security Solution Lists API + /api/lists/items: + delete: + description: Delete a list item using its `id`, or its `list_id` and `value` fields. + operationId: DeleteListItem + parameters: + - description: Required if `list_id` and `value` are not specified + in: query + name: id + required: false + schema: + $ref: '#/components/schemas/Security_Solution_Lists_API_ListId' + - description: Required if `id` is not specified + in: query + name: list_id + required: false + schema: + $ref: '#/components/schemas/Security_Solution_Lists_API_ListId' + - description: Required if `id` is not specified + in: query + name: value + required: false + schema: + type: string + - description: >- + Determines when changes made by the request are made visible to + search + in: query + name: refresh + required: false + schema: + default: 'false' + enum: + - 'true' + - 'false' + - wait_for + type: string + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + oneOf: + - $ref: '#/components/schemas/Security_Solution_Lists_API_ListItem' + - items: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_ListItem + type: array + description: Successful response + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + oneOf: + - $ref: >- + #/components/schemas/Security_Solution_Lists_API_PlatformErrorResponse + - $ref: >- + #/components/schemas/Security_Solution_Lists_API_SiemErrorResponse + description: Invalid input data response + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_PlatformErrorResponse + description: Unsuccessful authentication response + '403': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_PlatformErrorResponse + description: Not enough privileges response + '404': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_SiemErrorResponse + description: List item not found response + '500': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_SiemErrorResponse + description: Internal server error response + summary: Delete a list item + tags: + - Security Solution Lists API + get: + description: Get the details of a list item. + operationId: ReadListItem + parameters: + - description: Required if `list_id` and `value` are not specified + in: query + name: id + required: false + schema: + $ref: '#/components/schemas/Security_Solution_Lists_API_ListId' + - description: Required if `id` is not specified + in: query + name: list_id + required: false + schema: + $ref: '#/components/schemas/Security_Solution_Lists_API_ListId' + - description: Required if `id` is not specified + in: query + name: value + required: false + schema: + type: string + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + oneOf: + - $ref: '#/components/schemas/Security_Solution_Lists_API_ListItem' + - items: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_ListItem + type: array + description: Successful response + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + oneOf: + - $ref: >- + #/components/schemas/Security_Solution_Lists_API_PlatformErrorResponse + - $ref: >- + #/components/schemas/Security_Solution_Lists_API_SiemErrorResponse + description: Invalid input data response + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_PlatformErrorResponse + description: Unsuccessful authentication response + '403': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_PlatformErrorResponse + description: Not enough privileges response + '404': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_SiemErrorResponse + description: List item not found response + '500': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_SiemErrorResponse + description: Internal server error response + summary: Get a list item + tags: + - Security Solution Lists API + patch: + description: Update specific fields of an existing list item using the list item ID. + operationId: PatchListItem + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + _version: + type: string + id: + $ref: '#/components/schemas/Security_Solution_Lists_API_ListItemId' + meta: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_ListItemMetadata + refresh: + description: >- + Determines when changes made by the request are made visible + to search + enum: + - 'true' + - 'false' + - wait_for + type: string + value: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_ListItemValue + required: + - id + description: List item's properties + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Security_Solution_Lists_API_ListItem' + description: Successful response + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + oneOf: + - $ref: >- + #/components/schemas/Security_Solution_Lists_API_PlatformErrorResponse + - $ref: >- + #/components/schemas/Security_Solution_Lists_API_SiemErrorResponse + description: Invalid input data response + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_PlatformErrorResponse + description: Unsuccessful authentication response + '403': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_PlatformErrorResponse + description: Not enough privileges response + '404': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_SiemErrorResponse + description: List item not found response + '500': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_SiemErrorResponse + description: Internal server error response + summary: Patch a list item + tags: + - Security Solution Lists API + post: + description: > + Create a list item and associate it with the specified list. + + + All list items in the same list must be the same type. For example, each + list item in an `ip` list must define a specific IP address. + + > info + + > Before creating a list item, you must create a list. + operationId: CreateListItem + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + id: + $ref: '#/components/schemas/Security_Solution_Lists_API_ListItemId' + list_id: + $ref: '#/components/schemas/Security_Solution_Lists_API_ListId' + meta: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_ListItemMetadata + refresh: + description: >- + Determines when changes made by the request are made visible + to search + enum: + - 'true' + - 'false' + - wait_for + type: string + value: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_ListItemValue + required: + - list_id + - value + description: List item's properties + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Security_Solution_Lists_API_ListItem' + description: Successful response + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + oneOf: + - $ref: >- + #/components/schemas/Security_Solution_Lists_API_PlatformErrorResponse + - $ref: >- + #/components/schemas/Security_Solution_Lists_API_SiemErrorResponse + description: Invalid input data response + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_PlatformErrorResponse + description: Unsuccessful authentication response + '403': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_PlatformErrorResponse + description: Not enough privileges response + '409': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_SiemErrorResponse + description: List item already exists response + '500': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_SiemErrorResponse + description: Internal server error response + summary: Create a list item + tags: + - Security Solution Lists API + put: + description: > + Update a list item using the list item ID. The original list item is + replaced, and all unspecified fields are deleted. + + > info + + > You cannot modify the `id` value. + operationId: UpdateListItem + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + _version: + type: string + id: + $ref: '#/components/schemas/Security_Solution_Lists_API_ListItemId' + meta: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_ListItemMetadata + value: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_ListItemValue + required: + - id + - value + description: List item's properties + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Security_Solution_Lists_API_ListItem' + description: Successful response + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + oneOf: + - $ref: >- + #/components/schemas/Security_Solution_Lists_API_PlatformErrorResponse + - $ref: >- + #/components/schemas/Security_Solution_Lists_API_SiemErrorResponse + description: Invalid input data response + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_PlatformErrorResponse + description: Unsuccessful authentication response + '403': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_PlatformErrorResponse + description: Not enough privileges response + '404': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_SiemErrorResponse + description: List item not found response + '500': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_SiemErrorResponse + description: Internal server error response + summary: Update a list item + tags: + - Security Solution Lists API + /api/lists/items/_export: + post: + description: Export list item values from the specified list. + operationId: ExportListItems + parameters: + - description: List's id to export + in: query + name: list_id + required: true + schema: + $ref: '#/components/schemas/Security_Solution_Lists_API_ListId' + responses: + '200': + content: + application/ndjson; Elastic-Api-Version=2023-10-31: + schema: + description: A `.txt` file containing list items from the specified list + format: binary + type: string + description: Successful response + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + oneOf: + - $ref: >- + #/components/schemas/Security_Solution_Lists_API_PlatformErrorResponse + - $ref: >- + #/components/schemas/Security_Solution_Lists_API_SiemErrorResponse + description: Invalid input data response + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_PlatformErrorResponse + description: Unsuccessful authentication response + '403': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_PlatformErrorResponse + description: Not enough privileges response + '404': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_SiemErrorResponse + description: List not found response + '500': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_SiemErrorResponse + description: Internal server error response + summary: Export list items + tags: + - Security Solution Lists API + /api/lists/items/_find: + get: + description: Get all list items in the specified list. + operationId: FindListItems + parameters: + - description: List's id + in: query + name: list_id + required: true + schema: + $ref: '#/components/schemas/Security_Solution_Lists_API_ListId' + - description: The page number to return + in: query + name: page + required: false + schema: + type: integer + - description: The number of list items to return per page + in: query + name: per_page + required: false + schema: + type: integer + - description: Determines which field is used to sort the results + in: query + name: sort_field + required: false + schema: + $ref: '#/components/schemas/Security_Solution_Lists_API_NonEmptyString' + - description: Determines the sort order, which can be `desc` or `asc` + in: query + name: sort_order + required: false + schema: + enum: + - desc + - asc + type: string + - description: > + Returns the list that come after the last list returned in the + previous call + + (use the cursor value returned in the previous call). This parameter + uses + + the `tie_breaker_id` field to ensure all lists are sorted and + returned correctly. + in: query + name: cursor + required: false + schema: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_FindListItemsCursor + - description: > + Filters the returned results according to the value of the specified + field, + + using the : syntax. + in: query + name: filter + required: false + schema: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_FindListItemsFilter + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + cursor: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_FindListItemsCursor + data: + items: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_ListItem + type: array + page: + minimum: 0 + type: integer + per_page: + minimum: 0 + type: integer + total: + minimum: 0 + type: integer + required: + - data + - page + - per_page + - total + - cursor + description: Successful response + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + oneOf: + - $ref: >- + #/components/schemas/Security_Solution_Lists_API_PlatformErrorResponse + - $ref: >- + #/components/schemas/Security_Solution_Lists_API_SiemErrorResponse + description: Invalid input data response + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_PlatformErrorResponse + description: Unsuccessful authentication response + '403': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_PlatformErrorResponse + description: Not enough privileges response + '500': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_SiemErrorResponse + description: Internal server error response + summary: Get list items + tags: + - Security Solution Lists API + /api/lists/items/_import: + post: + description: > + Import list items from a TXT or CSV file. The maximum file size is 9 + million bytes. + + + You can import items to a new or existing list. + operationId: ImportListItems + parameters: + - description: | + List's id. + + Required when importing to an existing list. + in: query + name: list_id + required: false + schema: + $ref: '#/components/schemas/Security_Solution_Lists_API_ListId' + - description: > + Type of the importing list. + + + Required when importing a new list that is `list_id` is not + specified. + in: query + name: type + required: false + schema: + $ref: '#/components/schemas/Security_Solution_Lists_API_ListType' + - in: query + name: serializer + required: false + schema: + type: string + - in: query + name: deserializer + required: false + schema: + type: string + - description: >- + Determines when changes made by the request are made visible to + search + in: query + name: refresh + required: false + schema: + enum: + - 'true' + - 'false' + - wait_for + type: string + requestBody: + content: + multipart/form-data; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + file: + description: >- + A `.txt` or `.csv` file containing newline separated list + items + format: binary + type: string + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Security_Solution_Lists_API_List' + description: Successful response + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + oneOf: + - $ref: >- + #/components/schemas/Security_Solution_Lists_API_PlatformErrorResponse + - $ref: >- + #/components/schemas/Security_Solution_Lists_API_SiemErrorResponse + description: Invalid input data response + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_PlatformErrorResponse + description: Unsuccessful authentication response + '403': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_PlatformErrorResponse + description: Not enough privileges response + '409': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_SiemErrorResponse + description: List with specified list_id does not exist response + '500': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_SiemErrorResponse + description: Internal server error response + summary: Import list items + tags: + - Security Solution Lists API + /api/lists/privileges: + get: + operationId: ReadListPrivileges + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + is_authenticated: + type: boolean + listItems: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_ListItemPrivileges + lists: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_ListPrivileges + required: + - lists + - listItems + - is_authenticated + description: Successful response + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + oneOf: + - $ref: >- + #/components/schemas/Security_Solution_Lists_API_PlatformErrorResponse + - $ref: >- + #/components/schemas/Security_Solution_Lists_API_SiemErrorResponse + description: Invalid input data response + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_PlatformErrorResponse + description: Unsuccessful authentication response + '403': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_PlatformErrorResponse + description: Not enough privileges response + '500': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_SiemErrorResponse + description: Internal server error response + summary: Get list privileges + tags: + - Security Solution Lists API + /api/ml/saved_objects/sync: + get: + description: > + Synchronizes Kibana saved objects for machine learning jobs and trained + models. This API runs automatically when you start Kibana and + periodically thereafter. + operationId: mlSync + parameters: + - $ref: '#/components/parameters/Machine_learning_APIs_simulateParam' + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + examples: + syncExample: + $ref: '#/components/examples/Machine_learning_APIs_mlSyncExample' + schema: + $ref: '#/components/schemas/Machine_learning_APIs_mlSync200Response' + description: Indicates a successful call + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Machine_learning_APIs_mlSync4xxResponse' + description: Authorization information is missing or invalid. + summary: Sync machine learning saved objects + tags: + - ml + /api/note: + delete: + description: Delete a note from a Timeline using the note ID. + operationId: DeleteNote + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + oneOf: + - nullable: true + type: object + properties: + noteId: + type: string + required: + - noteId + - type: object + properties: + noteIds: + items: + type: string + nullable: true + type: array + required: + - noteIds + description: The ID of the note to delete. + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + data: + type: object + description: Indicates the note was successfully deleted. + summary: Delete a note + tags: + - Security Solution Timeline API + - access:securitySolution + get: + description: Get all notes for a given document. + operationId: GetNotes + parameters: + - in: query + name: documentIds + required: true + schema: + $ref: '#/components/schemas/Security_Solution_Timeline_API_DocumentIds' + - in: query + name: page + schema: + nullable: true + type: number + - in: query + name: perPage + schema: + nullable: true + type: number + - in: query + name: search + schema: + nullable: true + type: string + - in: query + name: sortField + schema: + nullable: true + type: string + - in: query + name: sortOrder + schema: + nullable: true + type: string + - in: query + name: filter + schema: + nullable: true + type: string + responses: + '200': + description: Indicates the requested notes were returned. + summary: Get notes + tags: + - Security Solution Timeline API + - access:securitySolution + patch: + description: Add a note to a Timeline or update an existing note. + operationId: PersistNoteRoute + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + eventDataView: + nullable: true + type: string + eventIngested: + nullable: true + type: string + eventTimestamp: + nullable: true + type: string + note: + $ref: '#/components/schemas/Security_Solution_Timeline_API_BareNote' + noteId: + nullable: true + type: string + overrideOwner: + nullable: true + type: boolean + version: + nullable: true + type: string + required: + - note + description: The note to add or update, along with additional metadata. + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + data: + type: object + properties: + persistNote: + type: object + properties: + code: + type: number + message: + type: string + note: + $ref: >- + #/components/schemas/Security_Solution_Timeline_API_Note + required: + - code + - message + - note + required: + - persistNote + required: + - data + description: Indicates the note was successfully created. + summary: Add or update a note + tags: + - Security Solution Timeline API + - access:securitySolution + /api/osquery/live_queries: + get: + description: Get a list of all live queries. + operationId: OsqueryFindLiveQueries + parameters: + - in: query + name: query + required: true + schema: + $ref: >- + #/components/schemas/Security_Solution_Osquery_API_FindLiveQueryRequestQuery + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Osquery_API_DefaultSuccessResponse + description: OK + summary: Get live queries + tags: + - Security Solution Osquery API + post: + description: Create and run a live query. + operationId: OsqueryCreateLiveQuery + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Osquery_API_CreateLiveQueryRequestBody + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Osquery_API_DefaultSuccessResponse + description: OK + summary: Create a live query + tags: + - Security Solution Osquery API + /api/osquery/live_queries/{id}: + get: + description: Get the details of a live query using the query ID. + operationId: OsqueryGetLiveQueryDetails + parameters: + - in: path + name: id + required: true + schema: + $ref: '#/components/schemas/Security_Solution_Osquery_API_Id' + - in: query + name: query + schema: + additionalProperties: true + type: object + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Osquery_API_DefaultSuccessResponse + description: OK + summary: Get live query details + tags: + - Security Solution Osquery API + /api/osquery/live_queries/{id}/results/{actionId}: + get: + description: Get the results of a live query using the query action ID. + operationId: OsqueryGetLiveQueryResults + parameters: + - in: path + name: id + required: true + schema: + $ref: '#/components/schemas/Security_Solution_Osquery_API_Id' + - in: path + name: actionId + required: true + schema: + $ref: '#/components/schemas/Security_Solution_Osquery_API_Id' + - in: query + name: query + required: true + schema: + $ref: >- + #/components/schemas/Security_Solution_Osquery_API_GetLiveQueryResultsRequestQuery + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Osquery_API_DefaultSuccessResponse + description: OK + summary: Get live query results + tags: + - Security Solution Osquery API + /api/osquery/packs: + get: + description: Get a list of all query packs. + operationId: OsqueryFindPacks + parameters: + - in: query + name: query + required: true + schema: + $ref: >- + #/components/schemas/Security_Solution_Osquery_API_FindPacksRequestQuery + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Osquery_API_DefaultSuccessResponse + description: OK + summary: Get packs + tags: + - Security Solution Osquery API + post: + description: Create a query pack. + operationId: OsqueryCreatePacks + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Osquery_API_CreatePacksRequestBody + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Osquery_API_DefaultSuccessResponse + description: OK + summary: Create a pack + tags: + - Security Solution Osquery API + /api/osquery/packs/{id}: + delete: + description: Delete a query pack using the pack ID. + operationId: OsqueryDeletePacks + parameters: + - in: path + name: id + required: true + schema: + $ref: '#/components/schemas/Security_Solution_Osquery_API_PackId' + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Osquery_API_DefaultSuccessResponse + description: OK + summary: Delete a pack + tags: + - Security Solution Osquery API + get: + description: Get the details of a query pack using the pack ID. + operationId: OsqueryGetPacksDetails + parameters: + - in: path + name: id + required: true + schema: + $ref: '#/components/schemas/Security_Solution_Osquery_API_PackId' + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Osquery_API_DefaultSuccessResponse + description: OK + summary: Get pack details + tags: + - Security Solution Osquery API + put: + description: | + Update a query pack using the pack ID. + > info + > You cannot update a prebuilt pack. + operationId: OsqueryUpdatePacks + parameters: + - in: path + name: id + required: true + schema: + $ref: '#/components/schemas/Security_Solution_Osquery_API_PackId' + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Osquery_API_UpdatePacksRequestBody + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Osquery_API_DefaultSuccessResponse + description: OK + summary: Update a pack + tags: + - Security Solution Osquery API + /api/osquery/saved_queries: + get: + description: Get a list of all saved queries. + operationId: OsqueryFindSavedQueries + parameters: + - in: query + name: query + required: true + schema: + $ref: >- + #/components/schemas/Security_Solution_Osquery_API_FindSavedQueryRequestQuery + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Osquery_API_DefaultSuccessResponse + description: OK + summary: Get saved queries + tags: + - Security Solution Osquery API + post: + description: Create and run a saved query. + operationId: OsqueryCreateSavedQuery + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Osquery_API_CreateSavedQueryRequestBody + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Osquery_API_DefaultSuccessResponse + description: OK + summary: Create a saved query + tags: + - Security Solution Osquery API + /api/osquery/saved_queries/{id}: + delete: + description: Delete a saved query using the query ID. + operationId: OsqueryDeleteSavedQuery + parameters: + - in: path + name: id + required: true + schema: + $ref: '#/components/schemas/Security_Solution_Osquery_API_SavedQueryId' + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Osquery_API_DefaultSuccessResponse + description: OK + summary: Delete a saved query + tags: + - Security Solution Osquery API + get: + description: Get the details of a saved query using the query ID. + operationId: OsqueryGetSavedQueryDetails + parameters: + - in: path + name: id + required: true + schema: + $ref: '#/components/schemas/Security_Solution_Osquery_API_SavedQueryId' + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Osquery_API_DefaultSuccessResponse + description: OK + summary: Get saved query details + tags: + - Security Solution Osquery API + put: + description: | + Update a saved query using the query ID. + > info + > You cannot update a prebuilt saved query. + operationId: OsqueryUpdateSavedQuery + parameters: + - in: path + name: id + required: true + schema: + $ref: '#/components/schemas/Security_Solution_Osquery_API_SavedQueryId' + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Osquery_API_UpdateSavedQueryRequestBody + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Osquery_API_DefaultSuccessResponse + description: OK + summary: Update a saved query + tags: + - Security Solution Osquery API + /api/pinned_event: + patch: + description: Pin an event to an existing Timeline. + operationId: PersistPinnedEventRoute + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + eventId: + type: string + pinnedEventId: + nullable: true + type: string + timelineId: + type: string + required: + - eventId + - timelineId + description: The pinned event to add or update, along with additional metadata. + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + data: + type: object + properties: + persistPinnedEventOnTimeline: + allOf: + - $ref: >- + #/components/schemas/Security_Solution_Timeline_API_PinnedEvent + - type: object + properties: + code: + type: number + message: + type: string + required: + - persistPinnedEventOnTimeline + required: + - data + description: Indicates the event was successfully pinned to the Timeline. + summary: Pin an event + tags: + - Security Solution Timeline API + - access:securitySolution + /api/risk_score/engine/schedule_now: + post: + description: >- + Schedule the risk scoring engine to run as soon as possible. You can use + this to recalculate entity risk scores after updating their asset + criticality. + operationId: ScheduleRiskEngineNow + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: {} + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Entity_Analytics_API_RiskEngineScheduleNowResponse + description: Successful response + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Entity_Analytics_API_TaskManagerUnavailableResponse + description: Task manager is unavailable + default: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Entity_Analytics_API_RiskEngineScheduleNowErrorResponse + description: Unexpected error + summary: Run the risk scoring engine + tags: + - Security Solution Entity Analytics API + /api/saved_objects/_export: + post: + description: > + Retrieve sets of saved objects that you want to import into Kibana. + + You must include `type` or `objects` in the request body. + + + Exported saved objects are not backwards compatible and cannot be + imported into an older version of Kibana. + + + NOTE: The `savedObjects.maxImportExportSize` configuration setting + limits the number of saved objects which may be exported. + + + This functionality is in technical preview and may be changed or removed + in a future release. Elastic will work to fix any issues, but features + in technical preview are not subject to the support SLA of official GA + features. + operationId: exportSavedObjectsDefault + parameters: + - $ref: '#/components/parameters/Serverless_saved_objects_kbn_xsrf' + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + examples: + exportSavedObjectsRequest: + $ref: >- + #/components/examples/Serverless_saved_objects_export_objects_request + schema: + type: object + properties: + excludeExportDetails: + default: false + description: Do not add export details entry at the end of the stream. + type: boolean + includeReferencesDeep: + description: >- + Includes all of the referenced objects in the exported + objects. + type: boolean + objects: + description: A list of objects to export. + items: + type: object + type: array + type: + description: >- + The saved object types to include in the export. Use `*` to + export all the types. + oneOf: + - type: string + - items: + type: string + type: array + required: true + responses: + '200': + content: + application/x-ndjson; Elastic-Api-Version=2023-10-31: + examples: + exportSavedObjectsResponse: + $ref: >- + #/components/examples/Serverless_saved_objects_export_objects_response + schema: + additionalProperties: true + type: object + description: Indicates a successful call. + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Serverless_saved_objects_400_response' + description: Bad request. + summary: Export saved objects + tags: + - saved objects + /api/saved_objects/_import: + post: + description: > + Create sets of Kibana saved objects from a file created by the export + API. + + Saved objects can be imported only into the same version, a newer minor + on the same major, or the next major. Exported saved objects are not + backwards compatible and cannot be imported into an older version of + Kibana. + + + This functionality is in technical preview and may be changed or removed + in a future release. Elastic will work to fix any issues, but features + in technical preview are not subject to the support SLA of official GA + features. + operationId: importSavedObjectsDefault + parameters: + - $ref: '#/components/parameters/Serverless_saved_objects_kbn_xsrf' + - description: > + Creates copies of saved objects, regenerates each object ID, and + resets the origin. When used, potential conflict errors are avoided. + NOTE: This option cannot be used with the `overwrite` and + `compatibilityMode` options. + in: query + name: createNewCopies + required: false + schema: + type: boolean + - description: > + Overwrites saved objects when they already exist. When used, + potential conflict errors are automatically resolved by overwriting + the destination object. NOTE: This option cannot be used with the + `createNewCopies` option. + in: query + name: overwrite + required: false + schema: + type: boolean + - description: > + Applies various adjustments to the saved objects that are being + imported to maintain compatibility between different Kibana + versions. Use this option only if you encounter issues with imported + saved objects. NOTE: This option cannot be used with the + `createNewCopies` option. + in: query + name: compatibilityMode + required: false + schema: + type: boolean + requestBody: + content: + multipart/form-data; Elastic-Api-Version=2023-10-31: + examples: + importObjectsRequest: + $ref: >- + #/components/examples/Serverless_saved_objects_import_objects_request + schema: + type: object + properties: + file: + description: > + A file exported using the export API. NOTE: The + `savedObjects.maxImportExportSize` configuration setting + limits the number of saved objects which may be included in + this file. Similarly, the + `savedObjects.maxImportPayloadBytes` setting limits the + overall size of the file that can be imported. + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + examples: + importObjectsResponse: + $ref: >- + #/components/examples/Serverless_saved_objects_import_objects_response + schema: + type: object + properties: + errors: + description: > + Indicates the import was unsuccessful and specifies the + objects that failed to import. + + + NOTE: One object may result in multiple errors, which + requires separate steps to resolve. For instance, a + `missing_references` error and conflict error. + items: + type: object + type: array + success: + description: > + Indicates when the import was successfully completed. When + set to false, some objects may not have been created. For + additional information, refer to the `errors` and + `successResults` properties. + type: boolean + successCount: + description: Indicates the number of successfully imported records. + type: integer + successResults: + description: > + Indicates the objects that are successfully imported, with + any metadata if applicable. + + + NOTE: Objects are created only when all resolvable errors + are addressed, including conflicts and missing references. + If objects are created as new copies, each entry in the + `successResults` array includes a `destinationId` + attribute. + items: + type: object + type: array + description: Indicates a successful call. + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Serverless_saved_objects_400_response' + description: Bad request. + summary: Import saved objects + tags: + - saved objects + x-codeSamples: + - label: Import with createNewCopies + lang: cURL + source: | + curl \ + -X POST api/saved_objects/_import?createNewCopies=true + -H "kbn-xsrf: true" + --form file=@file.ndjson + /api/security_ai_assistant/anonymization_fields/_bulk_action: + post: + description: >- + Apply a bulk action to multiple anonymization fields. The bulk action is + applied to all anonymization fields that match the filter or to the list + of anonymization fields by their IDs. + operationId: PerformAnonymizationFieldsBulkAction + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + create: + items: + $ref: >- + #/components/schemas/Security_AI_Assistant_API_AnonymizationFieldCreateProps + type: array + delete: + type: object + properties: + ids: + description: Array of anonymization fields IDs + items: + type: string + minItems: 1 + type: array + query: + description: Query to filter anonymization fields + type: string + update: + items: + $ref: >- + #/components/schemas/Security_AI_Assistant_API_AnonymizationFieldUpdateProps + type: array + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_AI_Assistant_API_AnonymizationFieldsBulkCrudActionResponse + description: Indicates a successful call. + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: number + description: Generic Error + summary: Apply a bulk action to anonymization fields + tags: + - Security AI Assistant API + - Bulk API + /api/security_ai_assistant/anonymization_fields/_find: + get: + description: Get a list of all anonymization fields. + operationId: FindAnonymizationFields + parameters: + - in: query + name: fields + required: false + schema: + items: + type: string + type: array + - description: Search query + in: query + name: filter + required: false + schema: + type: string + - description: Field to sort by + in: query + name: sort_field + required: false + schema: + $ref: >- + #/components/schemas/Security_AI_Assistant_API_FindAnonymizationFieldsSortField + - description: Sort order + in: query + name: sort_order + required: false + schema: + $ref: '#/components/schemas/Security_AI_Assistant_API_SortOrder' + - description: Page number + in: query + name: page + required: false + schema: + default: 1 + minimum: 1 + type: integer + - description: AnonymizationFields per page + in: query + name: per_page + required: false + schema: + default: 20 + minimum: 0 + type: integer + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + data: + items: + $ref: >- + #/components/schemas/Security_AI_Assistant_API_AnonymizationFieldResponse + type: array + page: + type: integer + perPage: + type: integer + total: + type: integer + required: + - page + - perPage + - total + - data + description: Successful response + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: number + description: Generic Error + summary: Get anonymization fields + tags: + - Security AI Assistant API + - AnonymizationFields API + /api/security_ai_assistant/chat/complete: + post: + description: Create a model response for the given chat conversation. + operationId: ChatComplete + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Security_AI_Assistant_API_ChatCompleteProps' + required: true + responses: + '200': + content: + application/octet-stream; Elastic-Api-Version=2023-10-31: + schema: + format: binary + type: string + description: Indicates a successful call. + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: number + description: Generic Error + summary: Create a model response + tags: + - Security AI Assistant API + - Chat Complete API + /api/security_ai_assistant/current_user/conversations: + post: + description: Create a new Security AI Assistant conversation. + operationId: CreateConversation + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_AI_Assistant_API_ConversationCreateProps + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_AI_Assistant_API_ConversationResponse + description: Indicates a successful call. + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: number + description: Generic Error + summary: Create a conversation + tags: + - Security AI Assistant API + - Conversation API + /api/security_ai_assistant/current_user/conversations/_find: + get: + description: Get a list of all conversations for the current user. + operationId: FindConversations + parameters: + - in: query + name: fields + required: false + schema: + items: + type: string + type: array + - description: Search query + in: query + name: filter + required: false + schema: + type: string + - description: Field to sort by + in: query + name: sort_field + required: false + schema: + $ref: >- + #/components/schemas/Security_AI_Assistant_API_FindConversationsSortField + - description: Sort order + in: query + name: sort_order + required: false + schema: + $ref: '#/components/schemas/Security_AI_Assistant_API_SortOrder' + - description: Page number + in: query + name: page + required: false + schema: + default: 1 + minimum: 1 + type: integer + - description: Conversations per page + in: query + name: per_page + required: false + schema: + default: 20 + minimum: 0 + type: integer + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + data: + items: + $ref: >- + #/components/schemas/Security_AI_Assistant_API_ConversationResponse + type: array + page: + type: integer + perPage: + type: integer + total: + type: integer + required: + - page + - perPage + - total + - data + description: Successful response + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: number + description: Generic Error + summary: Get conversations + tags: + - Security AI Assistant API + - Conversations API + /api/security_ai_assistant/current_user/conversations/{id}: + delete: + description: Delete an existing conversation using the conversation ID. + operationId: DeleteConversation + parameters: + - description: The conversation's `id` value. + in: path + name: id + required: true + schema: + $ref: '#/components/schemas/Security_AI_Assistant_API_NonEmptyString' + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_AI_Assistant_API_ConversationResponse + description: Indicates a successful call. + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: number + description: Generic Error + summary: Delete a conversation + tags: + - Security AI Assistant API + - Conversation API + get: + description: Get the details of an existing conversation using the conversation ID. + operationId: ReadConversation + parameters: + - description: The conversation's `id` value. + in: path + name: id + required: true + schema: + $ref: '#/components/schemas/Security_AI_Assistant_API_NonEmptyString' + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_AI_Assistant_API_ConversationResponse + description: Indicates a successful call. + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: number + description: Generic Error + summary: Get a conversation + tags: + - Security AI Assistant API + - Conversations API + put: + description: Update an existing conversation using the conversation ID. + operationId: UpdateConversation + parameters: + - description: The conversation's `id` value. + in: path + name: id + required: true + schema: + $ref: '#/components/schemas/Security_AI_Assistant_API_NonEmptyString' + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_AI_Assistant_API_ConversationUpdateProps + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_AI_Assistant_API_ConversationResponse + description: Indicates a successful call. + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: number + description: Generic Error + summary: Update a conversation + tags: + - Security AI Assistant API + - Conversation API + /api/security_ai_assistant/prompts/_bulk_action: + post: + description: >- + Apply a bulk action to multiple prompts. The bulk action is applied to + all prompts that match the filter or to the list of prompts by their + IDs. + operationId: PerformPromptsBulkAction + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + create: + items: + $ref: >- + #/components/schemas/Security_AI_Assistant_API_PromptCreateProps + type: array + delete: + type: object + properties: + ids: + description: Array of prompts IDs + items: + type: string + minItems: 1 + type: array + query: + description: Query to filter promps + type: string + update: + items: + $ref: >- + #/components/schemas/Security_AI_Assistant_API_PromptUpdateProps + type: array + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_AI_Assistant_API_PromptsBulkCrudActionResponse + description: Indicates a successful call. + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: number + description: Generic Error + summary: Apply a bulk action to prompts + tags: + - Security AI Assistant API + - Bulk API + /api/security_ai_assistant/prompts/_find: + get: + description: Get a list of all prompts. + operationId: FindPrompts + parameters: + - in: query + name: fields + required: false + schema: + items: + type: string + type: array + - description: Search query + in: query + name: filter + required: false + schema: + type: string + - description: Field to sort by + in: query + name: sort_field + required: false + schema: + $ref: >- + #/components/schemas/Security_AI_Assistant_API_FindPromptsSortField + - description: Sort order + in: query + name: sort_order + required: false + schema: + $ref: '#/components/schemas/Security_AI_Assistant_API_SortOrder' + - description: Page number + in: query + name: page + required: false + schema: + default: 1 + minimum: 1 + type: integer + - description: Prompts per page + in: query + name: per_page + required: false + schema: + default: 20 + minimum: 0 + type: integer + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + data: + items: + $ref: >- + #/components/schemas/Security_AI_Assistant_API_PromptResponse + type: array + page: + type: integer + perPage: + type: integer + total: + type: integer + required: + - page + - perPage + - total + - data + description: Successful response + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: number + description: Generic Error + summary: Get prompts + tags: + - Security AI Assistant API + - Prompts API + /api/status: + get: + operationId: '%2Fapi%2Fstatus#0' + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - description: Set to "true" to get the response in v7 format. + in: query + name: v7format + required: false + schema: + type: boolean + - description: Set to "true" to get the response in v8 format. + in: query + name: v8format + required: false + schema: + type: boolean + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + anyOf: + - $ref: '#/components/schemas/Kibana_HTTP_APIs_core_status_response' + - $ref: >- + #/components/schemas/Kibana_HTTP_APIs_core_status_redactedResponse + description: >- + Kibana's operational status. A minimal response is sent for + unauthorized users. + description: Overall status is OK and Kibana should be functioning normally. + '503': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + anyOf: + - $ref: '#/components/schemas/Kibana_HTTP_APIs_core_status_response' + - $ref: >- + #/components/schemas/Kibana_HTTP_APIs_core_status_redactedResponse + description: >- + Kibana's operational status. A minimal response is sent for + unauthorized users. + description: >- + Kibana or some of it's essential services are unavailable. Kibana + may be degraded or unavailable. + summary: Get Kibana's current status + tags: + - system + /api/timeline: + delete: + description: Delete one or more Timelines or Timeline templates. + operationId: DeleteTimelines + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + savedObjectIds: + items: + type: string + type: array + searchIds: + description: >- + Saved search ids that should be deleted alongside the + timelines + items: + type: string + type: array + required: + - savedObjectIds + description: The IDs of the Timelines or Timeline templates to delete. + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + data: + type: object + properties: + deleteTimeline: + type: boolean + required: + - deleteTimeline + required: + - data + description: Indicates the Timeline was successfully deleted. + summary: Delete Timelines or Timeline templates + tags: + - Security Solution Timeline API + - access:securitySolution + get: + description: Get the details of an existing saved Timeline or Timeline template. + operationId: GetTimeline + parameters: + - description: The ID of the template timeline to retrieve + in: query + name: template_timeline_id + schema: + type: string + - description: The ID of the Timeline to retrieve. + in: query + name: id + schema: + type: string + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + data: + type: object + properties: + getOneTimeline: + $ref: >- + #/components/schemas/Security_Solution_Timeline_API_TimelineResponse + nullable: true + required: + - getOneTimeline + required: + - data + description: Indicates that the (template) Timeline was found and returned. + summary: Get Timeline or Timeline template details + tags: + - Security Solution Timeline API + - access:securitySolution + patch: + description: >- + Update an existing Timeline. You can update the title, description, date + range, pinned events, pinned queries, and/or pinned saved queries of an + existing Timeline. + operationId: PatchTimeline + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + timeline: + $ref: >- + #/components/schemas/Security_Solution_Timeline_API_SavedTimeline + timelineId: + nullable: true + type: string + version: + nullable: true + type: string + required: + - timelineId + - version + - timeline + description: The Timeline updates, along with the Timeline ID and version. + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + data: + type: object + properties: + persistTimeline: + type: object + properties: + timeline: + $ref: >- + #/components/schemas/Security_Solution_Timeline_API_TimelineResponse + required: + - timeline + required: + - persistTimeline + required: + - data + description: >- + Indicates that the draft Timeline was successfully created. In the + event the user already has a draft Timeline, the existing draft + Timeline is cleared and returned. + '405': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + body: + type: string + statusCode: + type: number + description: >- + Indicates that the user does not have the required access to create + a draft Timeline. + summary: Update a Timeline + tags: + - Security Solution Timeline API + - access:securitySolution + post: + description: Create a new Timeline or Timeline template. + operationId: CreateTimelines + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + status: + $ref: >- + #/components/schemas/Security_Solution_Timeline_API_TimelineStatus + nullable: true + templateTimelineId: + nullable: true + type: string + templateTimelineVersion: + nullable: true + type: number + timeline: + $ref: >- + #/components/schemas/Security_Solution_Timeline_API_SavedTimeline + timelineId: + nullable: true + type: string + timelineType: + $ref: >- + #/components/schemas/Security_Solution_Timeline_API_TimelineType + nullable: true + version: + nullable: true + type: string + required: + - timeline + description: >- + The required Timeline fields used to create a new Timeline, along with + optional fields that will be created if not provided. + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + data: + type: object + properties: + persistTimeline: + type: object + properties: + timeline: + $ref: >- + #/components/schemas/Security_Solution_Timeline_API_TimelineResponse + required: + - persistTimeline + required: + - data + description: Indicates the Timeline was successfully created. + '405': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + body: + type: string + statusCode: + type: number + description: Indicates that there was an error in the Timeline creation. + summary: Create a Timeline or Timeline template + tags: + - Security Solution Timeline API + - access:securitySolution + /api/timeline/_draft: + get: + description: >- + Get the details of the draft Timeline or Timeline template for the + current user. If the user doesn't have a draft Timeline, an empty + Timeline is returned. + operationId: GetDraftTimelines + parameters: + - in: query + name: timelineType + required: true + schema: + $ref: '#/components/schemas/Security_Solution_Timeline_API_TimelineType' + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + data: + type: object + properties: + persistTimeline: + type: object + properties: + timeline: + $ref: >- + #/components/schemas/Security_Solution_Timeline_API_TimelineResponse + required: + - timeline + required: + - persistTimeline + required: + - data + description: Indicates that the draft Timeline was successfully retrieved. + '403': + content: + application:json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + message: + type: string + status_code: + type: number + description: >- + If a draft Timeline was not found and we attempted to create one, it + indicates that the user does not have the required permissions to + create a draft Timeline. + '409': + content: + application:json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + message: + type: string + status_code: + type: number + description: >- + This should never happen, but if a draft Timeline was not found and + we attempted to create one, it indicates that there is already a + draft Timeline with the given `timelineId`. + summary: Get draft Timeline or Timeline template details + tags: + - Security Solution Timeline API + - access:securitySolution + post: + description: > + Create a clean draft Timeline or Timeline template for the current user. + + > info + + > If the user already has a draft Timeline, the existing draft Timeline + is cleared and returned. + operationId: CleanDraftTimelines + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + timelineType: + $ref: >- + #/components/schemas/Security_Solution_Timeline_API_TimelineType + required: + - timelineType + description: >- + The type of Timeline to create. Valid values are `default` and + `template`. + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + data: + type: object + properties: + persistTimeline: + type: object + properties: + timeline: + $ref: >- + #/components/schemas/Security_Solution_Timeline_API_TimelineResponse + required: + - timeline + required: + - persistTimeline + required: + - data + description: >- + Indicates that the draft Timeline was successfully created. In the + event the user already has a draft Timeline, the existing draft + Timeline is cleared and returned. + '403': + content: + application:json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + message: + type: string + status_code: + type: number + description: >- + Indicates that the user does not have the required permissions to + create a draft Timeline. + '409': + content: + application:json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + message: + type: string + status_code: + type: number + description: >- + Indicates that there is already a draft Timeline with the given + `timelineId`. + summary: Create a clean draft Timeline or Timeline template + tags: + - Security Solution Timeline API + - access:securitySolution + /api/timeline/_export: + post: + description: Export Timelines as an NDJSON file. + operationId: ExportTimelines + parameters: + - description: The name of the file to export + in: query + name: file_name + required: true + schema: + type: string + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + ids: + items: + type: string + nullable: true + type: array + description: The IDs of the Timelines to export. + required: true + responses: + '200': + content: + application/ndjson; Elastic-Api-Version=2023-10-31: + schema: + description: NDJSON of the exported Timelines + type: string + description: Indicates the Timelines were successfully exported. + '400': + content: + application/ndjson; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + body: + type: string + statusCode: + type: number + description: Indicates that the export size limit was exceeded. + summary: Export Timelines + tags: + - Security Solution Timeline API + - access:securitySolution + /api/timeline/_favorite: + patch: + description: Favorite a Timeline or Timeline template for the current user. + operationId: PersistFavoriteRoute + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + templateTimelineId: + nullable: true + type: string + templateTimelineVersion: + nullable: true + type: number + timelineId: + nullable: true + type: string + timelineType: + $ref: >- + #/components/schemas/Security_Solution_Timeline_API_TimelineType + nullable: true + required: + - timelineId + - templateTimelineId + - templateTimelineVersion + - timelineType + description: The required fields used to favorite a (template) Timeline. + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + data: + type: object + properties: + persistFavorite: + $ref: >- + #/components/schemas/Security_Solution_Timeline_API_FavoriteTimelineResponse + required: + - persistFavorite + required: + - data + description: Indicates the favorite status was successfully updated. + '403': + content: + application:json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + body: + type: string + statusCode: + type: number + description: >- + Indicates the user does not have the required permissions to persist + the favorite status. + summary: Favorite a Timeline or Timeline template + tags: + - Security Solution Timeline API + - access:securitySolution + /api/timeline/_import: + post: + description: Import Timelines. + operationId: ImportTimelines + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + file: + allOf: + - $ref: >- + #/components/schemas/Security_Solution_Timeline_API_Readable + - type: object + properties: + hapi: + type: object + properties: + filename: + type: string + headers: + type: object + isImmutable: + enum: + - 'true' + - 'false' + type: string + required: + - filename + - headers + required: + - hapi + description: The Timelines to import as a readable stream. + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + data: + $ref: >- + #/components/schemas/Security_Solution_Timeline_API_ImportTimelineResult + required: + - data + description: Indicates the import of Timelines was successful. + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + body: + type: string + id: + type: string + statusCode: + type: number + description: >- + Indicates the import of Timelines was unsuccessful because of an + invalid file extension. + '404': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + id: + type: string + statusCode: + type: number + description: >- + Indicates that we were unable to locate the saved object client + necessary to handle the import. + '409': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + body: + type: string + id: + type: string + statusCode: + type: number + description: Indicates the import of Timelines was unsuccessful. + summary: Import Timelines + tags: + - Security Solution Timeline API + - access:securitySolution + /api/timeline/_prepackaged: + post: + description: Install or update prepackaged Timelines. + operationId: InstallPrepackedTimelines + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + prepackagedTimelines: + items: + $ref: >- + #/components/schemas/Security_Solution_Timeline_API_SavedTimeline + type: array + timelinesToInstall: + items: + $ref: >- + #/components/schemas/Security_Solution_Timeline_API_ImportTimelines + nullable: true + type: array + timelinesToUpdate: + items: + $ref: >- + #/components/schemas/Security_Solution_Timeline_API_ImportTimelines + nullable: true + type: array + required: + - timelinesToInstall + - timelinesToUpdate + - prepackagedTimelines + description: The Timelines to install or update. + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + data: + $ref: >- + #/components/schemas/Security_Solution_Timeline_API_ImportTimelineResult + required: + - data + description: Indicates the installation of prepackaged Timelines was successful. + '500': + content: + application:json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + body: + type: string + statusCode: + type: number + description: >- + Indicates the installation of prepackaged Timelines was + unsuccessful. + summary: Install prepackaged Timelines + tags: + - Security Solution Timeline API + - access:securitySolution + /api/timeline/resolve: + get: + operationId: ResolveTimeline + parameters: + - description: The ID of the template timeline to resolve + in: query + name: template_timeline_id + schema: + type: string + - description: The ID of the timeline to resolve + in: query + name: id + schema: + type: string + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + data: + type: object + properties: + getOneTimeline: + $ref: >- + #/components/schemas/Security_Solution_Timeline_API_TimelineResponse + nullable: true + required: + - getOneTimeline + required: + - data + description: The (template) Timeline has been found + '400': + description: The request is missing parameters + '404': + description: The (template) Timeline was not found + summary: Get an existing saved Timeline or Timeline template + tags: + - Security Solution Timeline API + - access:securitySolution + /api/timelines: + get: + description: Get a list of all saved Timelines or Timeline templates. + operationId: GetTimelines + parameters: + - description: >- + If true, only timelines that are marked as favorites by the user are + returned. + in: query + name: only_user_favorite + schema: + enum: + - 'true' + - 'false' + nullable: true + type: string + - in: query + name: timeline_type + schema: + $ref: '#/components/schemas/Security_Solution_Timeline_API_TimelineType' + nullable: true + - in: query + name: sort_field + schema: + $ref: >- + #/components/schemas/Security_Solution_Timeline_API_SortFieldTimeline + - in: query + name: sort_order + schema: + enum: + - asc + - desc + type: string + - in: query + name: page_size + schema: + nullable: true + type: string + - in: query + name: page_index + schema: + nullable: true + type: string + - in: query + name: search + schema: + nullable: true + type: string + - in: query + name: status + schema: + $ref: '#/components/schemas/Security_Solution_Timeline_API_TimelineStatus' + nullable: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + data: + type: object + properties: + customTemplateTimelineCount: + type: number + defaultTimelineCount: + type: number + elasticTemplateTimelineCount: + type: number + favoriteCount: + type: number + templateTimelineCount: + type: number + timelines: + items: + $ref: >- + #/components/schemas/Security_Solution_Timeline_API_TimelineResponse + type: array + totalCount: + type: number + required: + - timelines + - totalCount + - defaultTimelineCount + - templateTimelineCount + - favoriteCount + - elasticTemplateTimelineCount + - customTemplateTimelineCount + required: + - data + description: Indicates that the (template) Timelines were found and returned. + '400': + content: + application:json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + body: + type: string + statusCode: + type: number + description: Bad request. The user supplied invalid data. + summary: Get Timelines or Timeline templates + tags: + - Security Solution Timeline API + - access:securitySolution + /s/{spaceId}/api/observability/slos: + get: + description: > + You must have the `read` privileges for the **SLOs** feature in the + **Observability** section of the Kibana feature privileges. + operationId: findSlosOp + parameters: + - $ref: '#/components/parameters/SLOs_kbn_xsrf' + - $ref: '#/components/parameters/SLOs_space_id' + - description: A valid kql query to filter the SLO with + example: 'slo.name:latency* and slo.tags : "prod"' + in: query + name: kqlQuery + schema: + type: string + - description: The page to use for pagination, must be greater or equal than 1 + example: 1 + in: query + name: page + schema: + default: 1 + type: integer + - description: Number of SLOs returned by page + example: 25 + in: query + name: perPage + schema: + default: 25 + maximum: 5000 + type: integer + - description: Sort by field + example: status + in: query + name: sortBy + schema: + default: status + enum: + - sli_value + - status + - error_budget_consumed + - error_budget_remaining + type: string + - description: Sort order + example: asc + in: query + name: sortDirection + schema: + default: asc + enum: + - asc + - desc + type: string + - description: >- + Hide stale SLOs from the list as defined by stale SLO threshold in + SLO settings + in: query + name: hideStale + schema: + type: boolean + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/SLOs_find_slo_response' + description: Successful request + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/SLOs_400_response' + description: Bad request + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/SLOs_401_response' + description: Unauthorized response + '403': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/SLOs_403_response' + description: Unauthorized response + '404': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/SLOs_404_response' + description: Not found response + summary: Get a paginated list of SLOs + tags: + - slo + post: + description: > + You must have `all` privileges for the **SLOs** feature in the + **Observability** section of the Kibana feature privileges. + operationId: createSloOp + parameters: + - $ref: '#/components/parameters/SLOs_kbn_xsrf' + - $ref: '#/components/parameters/SLOs_space_id' + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/SLOs_create_slo_request' + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/SLOs_create_slo_response' + description: Successful request + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/SLOs_400_response' + description: Bad request + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/SLOs_401_response' + description: Unauthorized response + '403': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/SLOs_403_response' + description: Unauthorized response + '409': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/SLOs_409_response' + description: Conflict - The SLO id already exists + servers: + - url: https://localhost:5601 + summary: Create an SLO + tags: + - slo + /s/{spaceId}/api/observability/slos/_delete_instances: + post: + description: > + The deletion occurs for the specified list of `sloId` and `instanceId`. + You must have `all` privileges for the **SLOs** feature in the + **Observability** section of the Kibana feature privileges. + operationId: deleteSloInstancesOp + parameters: + - $ref: '#/components/parameters/SLOs_kbn_xsrf' + - $ref: '#/components/parameters/SLOs_space_id' + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/SLOs_delete_slo_instances_request' + required: true + responses: + '204': + description: Successful request + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/SLOs_400_response' + description: Bad request + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/SLOs_401_response' + description: Unauthorized response + '403': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/SLOs_403_response' + description: Unauthorized response + servers: + - url: https://localhost:5601 + summary: Batch delete rollup and summary data + tags: + - slo + /s/{spaceId}/api/observability/slos/{sloId}: + delete: + description: > + You must have the `write` privileges for the **SLOs** feature in the + **Observability** section of the Kibana feature privileges. + operationId: deleteSloOp + parameters: + - $ref: '#/components/parameters/SLOs_kbn_xsrf' + - $ref: '#/components/parameters/SLOs_space_id' + - $ref: '#/components/parameters/SLOs_slo_id' + responses: + '204': + description: Successful request + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/SLOs_400_response' + description: Bad request + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/SLOs_401_response' + description: Unauthorized response + '403': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/SLOs_403_response' + description: Unauthorized response + '404': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/SLOs_404_response' + description: Not found response + summary: Delete an SLO + tags: + - slo + get: + description: > + You must have the `read` privileges for the **SLOs** feature in the + **Observability** section of the Kibana feature privileges. + operationId: getSloOp + parameters: + - $ref: '#/components/parameters/SLOs_kbn_xsrf' + - $ref: '#/components/parameters/SLOs_space_id' + - $ref: '#/components/parameters/SLOs_slo_id' + - description: the specific instanceId used by the summary calculation + example: host-abcde + in: query + name: instanceId + schema: + type: string + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/SLOs_slo_with_summary_response' + description: Successful request + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/SLOs_400_response' + description: Bad request + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/SLOs_401_response' + description: Unauthorized response + '403': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/SLOs_403_response' + description: Unauthorized response + '404': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/SLOs_404_response' + description: Not found response + summary: Get an SLO + tags: + - slo + put: + description: > + You must have the `write` privileges for the **SLOs** feature in the + **Observability** section of the Kibana feature privileges. + operationId: updateSloOp + parameters: + - $ref: '#/components/parameters/SLOs_kbn_xsrf' + - $ref: '#/components/parameters/SLOs_space_id' + - $ref: '#/components/parameters/SLOs_slo_id' + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/SLOs_update_slo_request' + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/SLOs_slo_definition_response' + description: Successful request + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/SLOs_400_response' + description: Bad request + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/SLOs_401_response' + description: Unauthorized response + '403': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/SLOs_403_response' + description: Unauthorized response + '404': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/SLOs_404_response' + description: Not found response + summary: Update an SLO + tags: + - slo + /s/{spaceId}/api/observability/slos/{sloId}/_reset: + post: + description: > + You must have the `write` privileges for the **SLOs** feature in the + **Observability** section of the Kibana feature privileges. + operationId: resetSloOp + parameters: + - $ref: '#/components/parameters/SLOs_kbn_xsrf' + - $ref: '#/components/parameters/SLOs_space_id' + - $ref: '#/components/parameters/SLOs_slo_id' + responses: + '204': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/SLOs_slo_definition_response' + description: Successful request + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/SLOs_400_response' + description: Bad request + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/SLOs_401_response' + description: Unauthorized response + '403': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/SLOs_403_response' + description: Unauthorized response + '404': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/SLOs_404_response' + description: Not found response + summary: Reset an SLO + tags: + - slo + /s/{spaceId}/api/observability/slos/{sloId}/disable: + post: + description: > + You must have the `write` privileges for the **SLOs** feature in the + **Observability** section of the Kibana feature privileges. + operationId: disableSloOp + parameters: + - $ref: '#/components/parameters/SLOs_kbn_xsrf' + - $ref: '#/components/parameters/SLOs_space_id' + - $ref: '#/components/parameters/SLOs_slo_id' + responses: + '200': + description: Successful request + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/SLOs_400_response' + description: Bad request + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/SLOs_401_response' + description: Unauthorized response + '403': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/SLOs_403_response' + description: Unauthorized response + '404': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/SLOs_404_response' + description: Not found response + summary: Disable an SLO + tags: + - slo + /s/{spaceId}/api/observability/slos/{sloId}/enable: + post: + description: > + You must have the `write` privileges for the **SLOs** feature in the + **Observability** section of the Kibana feature privileges. + operationId: enableSloOp + parameters: + - $ref: '#/components/parameters/SLOs_kbn_xsrf' + - $ref: '#/components/parameters/SLOs_space_id' + - $ref: '#/components/parameters/SLOs_slo_id' + responses: + '204': + description: Successful request + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/SLOs_400_response' + description: Bad request + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/SLOs_401_response' + description: Unauthorized response + '403': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/SLOs_403_response' + description: Unauthorized response + '404': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/SLOs_404_response' + description: Not found response + summary: Enable an SLO + tags: + - slo +components: + examples: + Data_views_create_data_view_request: + summary: Create a data view with runtime fields. + value: + data_view: + name: My Logstash data view + runtimeFieldMap: + runtime_shape_name: + script: + source: emit(doc['shape_name'].value) + type: keyword + title: logstash-* + Data_views_create_runtime_field_request: + summary: Create a runtime field. + value: + name: runtimeFoo + runtimeField: + script: + source: emit(doc["foo"].value) + type: long + Data_views_get_data_view_response: + summary: >- + The get data view API returns a JSON object that contains information + about the data view. + value: + data_view: + allowNoIndex: false + fieldAttrs: + products.manufacturer: + count: 1 + products.price: + count: 1 + products.product_name: + count: 1 + total_quantity: + count: 1 + fieldFormats: + products.base_price: + id: number + params: + pattern: $0,0.00 + products.base_unit_price: + id: number + params: + pattern: $0,0.00 + products.min_price: + id: number + params: + pattern: $0,0.00 + products.price: + id: number + params: + pattern: $0,0.00 + products.taxful_price: + id: number + params: + pattern: $0,0.00 + products.taxless_price: + id: number + params: + pattern: $0,0.00 + taxful_total_price: + id: number + params: + pattern: $0,0.[00] + taxless_total_price: + id: number + params: + pattern: $0,0.00 + fields: + _id: + aggregatable: false + count: 0 + esTypes: + - _id + format: + id: string + isMapped: true + name: _id + readFromDocValues: false + scripted: false + searchable: true + shortDotsEnable: false + type: string + _index: + aggregatable: true + count: 0 + esTypes: + - _index + format: + id: string + isMapped: true + name: _index + readFromDocValues: false + scripted: false + searchable: true + shortDotsEnable: false + type: string + _score: + aggregatable: false + count: 0 + format: + id: number + isMapped: true + name: _score + readFromDocValues: false + scripted: false + searchable: false + shortDotsEnable: false + type: number + _source: + aggregatable: false + count: 0 + esTypes: + - _source + format: + id: _source + isMapped: true + name: _source + readFromDocValues: false + scripted: false + searchable: false + shortDotsEnable: false + type: _source + category: + aggregatable: false + count: 0 + esTypes: + - text + format: + id: string + isMapped: true + name: category + readFromDocValues: false + scripted: false + searchable: true + shortDotsEnable: false + type: string + category.keyword: + aggregatable: true + count: 0 + esTypes: + - keyword + format: + id: string + isMapped: true + name: category.keyword + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + subType: + multi: + parent: category + type: string + currency: + aggregatable: true + count: 0 + esTypes: + - keyword + format: + id: string + isMapped: true + name: currency + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: string + customer_birth_date: + aggregatable: true + count: 0 + esTypes: + - date + format: + id: date + isMapped: true + name: customer_birth_date + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: date + customer_first_name: + aggregatable: false + count: 0 + esTypes: + - text + format: + id: string + isMapped: true + name: customer_first_name + readFromDocValues: false + scripted: false + searchable: true + shortDotsEnable: false + type: string + customer_first_name.keyword: + aggregatable: true + count: 0 + esTypes: + - keyword + format: + id: string + isMapped: true + name: customer_first_name.keyword + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + subType: + multi: + parent: customer_first_name + type: string + customer_full_name: + aggregatable: false + count: 0 + esTypes: + - text + format: + id: string + isMapped: true + name: customer_full_name + readFromDocValues: false + scripted: false + searchable: true + shortDotsEnable: false + type: string + customer_full_name.keyword: + aggregatable: true + count: 0 + esTypes: + - keyword + format: + id: string + isMapped: true + name: customer_full_name.keyword + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + subType: + multi: + parent: customer_full_name + type: string + customer_gender: + aggregatable: true + count: 0 + esTypes: + - keyword + format: + id: string + isMapped: true + name: customer_gender + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: string + customer_id: + aggregatable: true + count: 0 + esTypes: + - keyword + format: + id: string + isMapped: true + name: customer_id + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: string + customer_last_name: + aggregatable: false + count: 0 + esTypes: + - text + format: + id: string + isMapped: true + name: customer_last_name + readFromDocValues: false + scripted: false + searchable: true + shortDotsEnable: false + type: string + customer_last_name.keyword: + aggregatable: true + count: 0 + esTypes: + - keyword + format: + id: string + isMapped: true + name: customer_last_name.keyword + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + subType: + multi: + parent: customer_last_name + type: string + customer_phone: + aggregatable: true + count: 0 + esTypes: + - keyword + format: + id: string + isMapped: true + name: customer_phone + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: string + day_of_week: + aggregatable: true + count: 0 + esTypes: + - keyword + format: + id: string + isMapped: true + name: day_of_week + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: string + day_of_week_i: + aggregatable: true + count: 0 + esTypes: + - integer + format: + id: number + isMapped: true + name: day_of_week_i + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: number + email: + aggregatable: true + count: 0 + esTypes: + - keyword + format: + id: string + isMapped: true + name: email + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: string + event.dataset: + aggregatable: true + count: 0 + esTypes: + - keyword + format: + id: string + isMapped: true + name: event.dataset + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: string + geoip.city_name: + aggregatable: true + count: 0 + esTypes: + - keyword + format: + id: string + isMapped: true + name: geoip.city_name + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: string + geoip.continent_name: + aggregatable: true + count: 0 + esTypes: + - keyword + format: + id: string + isMapped: true + name: geoip.continent_name + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: string + geoip.country_iso_code: + aggregatable: true + count: 0 + esTypes: + - keyword + format: + id: string + isMapped: true + name: geoip.country_iso_code + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: string + geoip.location: + aggregatable: true + count: 0 + esTypes: + - geo_point + format: + id: geo_point + params: + transform: wkt + isMapped: true + name: geoip.location + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: geo_point + geoip.region_name: + aggregatable: true + count: 0 + esTypes: + - keyword + format: + id: string + isMapped: true + name: geoip.region_name + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: string + manufacturer: + aggregatable: false + count: 0 + esTypes: + - text + format: + id: string + isMapped: true + name: manufacturer + readFromDocValues: false + scripted: false + searchable: true + shortDotsEnable: false + type: string + manufacturer.keyword: + aggregatable: true + count: 0 + esTypes: + - keyword + format: + id: string + isMapped: true + name: manufacturer.keyword + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + subType: + multi: + parent: manufacturer + type: string + order_date: + aggregatable: true + count: 0 + esTypes: + - date + format: + id: date + isMapped: true + name: order_date + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: date + order_id: + aggregatable: true + count: 0 + esTypes: + - keyword + format: + id: string + isMapped: true + name: order_id + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: string + products._id: + aggregatable: false + count: 0 + esTypes: + - text + format: + id: string + isMapped: true + name: products._id + readFromDocValues: false + scripted: false + searchable: true + shortDotsEnable: false + type: string + products._id.keyword: + aggregatable: true + count: 0 + esTypes: + - keyword + format: + id: string + isMapped: true + name: products._id.keyword + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + subType: + multi: + parent: products._id + type: string + products.base_price: + aggregatable: true + count: 0 + esTypes: + - half_float + format: + id: number + params: + pattern: $0,0.00 + isMapped: true + name: products.base_price + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: number + products.base_unit_price: + aggregatable: true + count: 0 + esTypes: + - half_float + format: + id: number + params: + pattern: $0,0.00 + isMapped: true + name: products.base_unit_price + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: number + products.category: + aggregatable: false + count: 0 + esTypes: + - text + format: + id: string + isMapped: true + name: products.category + readFromDocValues: false + scripted: false + searchable: true + shortDotsEnable: false + type: string + products.category.keyword: + aggregatable: true + count: 0 + esTypes: + - keyword + format: + id: string + isMapped: true + name: products.category.keyword + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + subType: + multi: + parent: products.category + type: string + products.created_on: + aggregatable: true + count: 0 + esTypes: + - date + format: + id: date + isMapped: true + name: products.created_on + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: date + products.discount_amount: + aggregatable: true + count: 0 + esTypes: + - half_float + format: + id: number + isMapped: true + name: products.discount_amount + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: number + products.discount_percentage: + aggregatable: true + count: 0 + esTypes: + - half_float + format: + id: number + isMapped: true + name: products.discount_percentage + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: number + products.manufacturer: + aggregatable: false + count: 1 + esTypes: + - text + format: + id: string + isMapped: true + name: products.manufacturer + readFromDocValues: false + scripted: false + searchable: true + shortDotsEnable: false + type: string + products.manufacturer.keyword: + aggregatable: true + count: 0 + esTypes: + - keyword + format: + id: string + isMapped: true + name: products.manufacturer.keyword + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + subType: + multi: + parent: products.manufacturer + type: string + products.min_price: + aggregatable: true + count: 0 + esTypes: + - half_float + format: + id: number + params: + pattern: $0,0.00 + isMapped: true + name: products.min_price + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: number + products.price: + aggregatable: true + count: 1 + esTypes: + - half_float + format: + id: number + params: + pattern: $0,0.00 + isMapped: true + name: products.price + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: number + products.product_id: + aggregatable: true + count: 0 + esTypes: + - long + format: + id: number + isMapped: true + name: products.product_id + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: number + products.product_name: + aggregatable: false + count: 1 + esTypes: + - text + format: + id: string + isMapped: true + name: products.product_name + readFromDocValues: false + scripted: false + searchable: true + shortDotsEnable: false + type: string + products.product_name.keyword: + aggregatable: true + count: 0 + esTypes: + - keyword + format: + id: string + isMapped: true + name: products.product_name.keyword + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + subType: + multi: + parent: products.product_name + type: string + products.quantity: + aggregatable: true + count: 0 + esTypes: + - integer + format: + id: number + isMapped: true + name: products.quantity + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: number + products.sku: + aggregatable: true + count: 0 + esTypes: + - keyword + format: + id: string + isMapped: true + name: products.sku + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: string + products.tax_amount: + aggregatable: true + count: 0 + esTypes: + - half_float + format: + id: number + isMapped: true + name: products.tax_amount + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: number + products.taxful_price: + aggregatable: true + count: 0 + esTypes: + - half_float + format: + id: number + params: + pattern: $0,0.00 + isMapped: true + name: products.taxful_price + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: number + products.taxless_price: + aggregatable: true + count: 0 + esTypes: + - half_float + format: + id: number + params: + pattern: $0,0.00 + isMapped: true + name: products.taxless_price + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: number + products.unit_discount_amount: + aggregatable: true + count: 0 + esTypes: + - half_float + format: + id: number + isMapped: true + name: products.unit_discount_amount + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: number + sku: + aggregatable: true + count: 0 + esTypes: + - keyword + format: + id: string + isMapped: true + name: sku + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: string + taxful_total_price: + aggregatable: true + count: 0 + esTypes: + - half_float + format: + id: number + params: + pattern: $0,0.[00] + isMapped: true + name: taxful_total_price + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: number + taxless_total_price: + aggregatable: true + count: 0 + esTypes: + - half_float + format: + id: number + params: + pattern: $0,0.00 + isMapped: true + name: taxless_total_price + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: number + total_quantity: + aggregatable: true + count: 1 + esTypes: + - integer + format: + id: number + isMapped: true + name: total_quantity + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: number + total_unique_products: + aggregatable: true + count: 0 + esTypes: + - integer + format: + id: number + isMapped: true + name: total_unique_products + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: number + type: + aggregatable: true + count: 0 + esTypes: + - keyword + format: + id: string + isMapped: true + name: type + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: string + user: + aggregatable: true + count: 0 + esTypes: + - keyword + format: + id: string + isMapped: true + name: user + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: string + id: ff959d40-b880-11e8-a6d9-e546fe2bba5f + name: Kibana Sample Data eCommerce + namespaces: + - default + runtimeFieldMap: {} + sourceFilters: [] + timeFieldName: order_date + title: kibana_sample_data_ecommerce + typeMeta: {} + version: WzUsMV0= + Data_views_get_data_views_response: + summary: The get all data views API returns a list of data views. + value: + data_view: + - id: ff959d40-b880-11e8-a6d9-e546fe2bba5f + name: Kibana Sample Data eCommerce + namespaces: + - default + title: kibana_sample_data_ecommerce + typeMeta: {} + - id: d3d7af60-4c81-11e8-b3d7-01146121b73d + name: Kibana Sample Data Flights + namespaces: + - default + title: kibana_sample_data_flights + - id: 90943e30-9a47-11e8-b64d-95841ca0b247 + name: Kibana Sample Data Logs + namespaces: + - default + title: kibana_sample_data_logs + Data_views_get_default_data_view_response: + summary: The get default data view API returns the default data view identifier. + value: + data_view_id: ff959d40-b880-11e8-a6d9-e546fe2bba5f + Data_views_get_runtime_field_response: + summary: >- + The get runtime field API returns a JSON object that contains + information about the runtime field (`hour_of_day`) and the data view + (`d3d7af60-4c81-11e8-b3d7-01146121b73d`). + value: + data_view: + allowNoIndex: false + fieldAttrs: {} + fieldFormats: + AvgTicketPrice: + id: number + params: + pattern: $0,0.[00] + hour_of_day: + id: number + params: + pattern: '00' + fields: + _id: + aggregatable: false + count: 0 + esTypes: + - _id + format: + id: string + isMapped: true + name: _id + readFromDocValues: false + scripted: false + searchable: true + shortDotsEnable: false + type: string + _index: + aggregatable: true + count: 0 + esTypes: + - _index + format: + id: string + isMapped: true + name: _index + readFromDocValues: false + scripted: false + searchable: true + shortDotsEnable: false + type: string + _score: + aggregatable: false + count: 0 + format: + id: number + isMapped: true + name: _score + readFromDocValues: false + scripted: false + searchable: false + shortDotsEnable: false + type: number + _source: + aggregatable: false + count: 0 + esTypes: + - _source + format: + id: _source + isMapped: true + name: _source + readFromDocValues: false + scripted: false + searchable: false + shortDotsEnable: false + type: _source + AvgTicketPrice: + aggregatable: true + count: 0 + esTypes: + - float + format: + id: number + params: + pattern: $0,0.[00] + isMapped: true + name: AvgTicketPrice + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: number + Cancelled: + aggregatable: true + count: 0 + esTypes: + - boolean + format: + id: boolean + isMapped: true + name: Cancelled + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: boolean + Carrier: + aggregatable: true + count: 0 + esTypes: + - keyword + format: + id: string + isMapped: true + name: Carrier + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: string + dayOfWeek: + aggregatable: true + count: 0 + esTypes: + - integer + format: + id: number + isMapped: true + name: dayOfWeek + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: number + Dest: + aggregatable: true + count: 0 + esTypes: + - keyword + format: + id: string + isMapped: true + name: Dest + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: string + DestAirportID: + aggregatable: true + count: 0 + esTypes: + - keyword + format: + id: string + isMapped: true + name: DestAirportID + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: string + DestCityName: + aggregatable: true + count: 0 + esTypes: + - keyword + format: + id: string + isMapped: true + name: DestCityName + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: string + DestCountry: + aggregatable: true + count: 0 + esTypes: + - keyword + format: + id: string + isMapped: true + name: DestCountry + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: string + DestLocation: + aggregatable: true + count: 0 + esTypes: + - geo_point + format: + id: geo_point + params: + transform: wkt + isMapped: true + name: DestLocation + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: geo_point + DestRegion: + aggregatable: true + count: 0 + esTypes: + - keyword + format: + id: string + isMapped: true + name: DestRegion + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: string + DestWeather: + aggregatable: true + count: 0 + esTypes: + - keyword + format: + id: string + isMapped: true + name: DestWeather + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: string + DistanceKilometers: + aggregatable: true + count: 0 + esTypes: + - float + format: + id: number + isMapped: true + name: DistanceKilometers + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: number + DistanceMiles: + aggregatable: true + count: 0 + esTypes: + - float + format: + id: number + isMapped: true + name: DistanceMiles + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: number + FlightDelay: + aggregatable: true + count: 0 + esTypes: + - boolean + format: + id: boolean + isMapped: true + name: FlightDelay + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: boolean + FlightDelayMin: + aggregatable: true + count: 0 + esTypes: + - integer + format: + id: number + isMapped: true + name: FlightDelayMin + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: number + FlightDelayType: + aggregatable: true + count: 0 + esTypes: + - keyword + format: + id: string + isMapped: true + name: FlightDelayType + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: string + FlightNum: + aggregatable: true + count: 0 + esTypes: + - keyword + format: + id: string + isMapped: true + name: FlightNum + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: string + FlightTimeHour: + aggregatable: true + count: 0 + esTypes: + - keyword + format: + id: string + isMapped: true + name: FlightTimeHour + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: string + FlightTimeMin: + aggregatable: true + count: 0 + esTypes: + - float + format: + id: number + isMapped: true + name: FlightTimeMin + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: number + hour_of_day: + aggregatable: true + count: 0 + esTypes: + - long + format: + id: number + params: + pattern: '00' + name: hour_of_day + readFromDocValues: false + runtimeField: + script: + source: emit(doc['timestamp'].value.getHour()); + type: long + scripted: false + searchable: true + shortDotsEnable: false + type: number + Origin: + aggregatable: true + count: 0 + esTypes: + - keyword + format: + id: string + isMapped: true + name: Origin + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: string + OriginAirportID: + aggregatable: true + count: 0 + esTypes: + - keyword + format: + id: string + isMapped: true + name: OriginAirportID + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: string + OriginCityName: + aggregatable: true + count: 0 + esTypes: + - keyword + format: + id: string + isMapped: true + name: OriginCityName + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: string + OriginCountry: + aggregatable: true + count: 0 + esTypes: + - keyword + format: + id: string + isMapped: true + name: OriginCountry + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: string + OriginLocation: + aggregatable: true + count: 0 + esTypes: + - geo_point + format: + id: geo_point + params: + transform: wkt + isMapped: true + name: OriginLocation + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: geo_point + OriginRegion: + aggregatable: true + count: 0 + esTypes: + - keyword + format: + id: string + isMapped: true + name: OriginRegion + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: string + OriginWeather: + aggregatable: true + count: 0 + esTypes: + - keyword + format: + id: string + isMapped: true + name: OriginWeather + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: string + timestamp: + aggregatable: true + count: 0 + esTypes: + - date + format: + id: date + isMapped: true + name: timestamp + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: date + id: d3d7af60-4c81-11e8-b3d7-01146121b73d + name: Kibana Sample Data Flights + runtimeFieldMap: + hour_of_day: + script: + source: emit(doc['timestamp'].value.getHour()); + type: long + sourceFilters: [] + timeFieldName: timestamp + title: kibana_sample_data_flights + version: WzM2LDJd + fields: + - aggregatable: true + count: 0 + esTypes: + - long + name: hour_of_day + readFromDocValues: false + runtimeField: + script: + source: emit(doc['timestamp'].value.getHour()); + type: long + scripted: false + searchable: true + shortDotsEnable: false + type: number + Data_views_preview_swap_data_view_request: + summary: Preview swapping references from data view ID "abcd-efg" to "xyz-123". + value: + fromId: abcd-efg + toId: xyz-123 + Data_views_set_default_data_view_request: + summary: Set the default data view identifier. + value: + data_view_id: ff959d40-b880-11e8-a6d9-e546fe2bba5f + force: true + Data_views_swap_data_view_request: + summary: >- + Swap references from data view ID "abcd-efg" to "xyz-123" and remove the + data view that is no longer referenced. + value: + delete: true + fromId: abcd-efg + toId: xyz-123 + Data_views_update_data_view_request: + summary: Update some properties for a data view. + value: + data_view: + allowNoIndex: false + name: Kibana Sample Data eCommerce + timeFieldName: order_date + title: kibana_sample_data_ecommerce + refresh_fields: true + Data_views_update_field_metadata_request: + summary: Update metadata for multiple fields. + value: + fields: + field1: + count: 123 + customLabel: Field 1 label + field2: + customDescription: Field 2 description + customLabel: Field 2 label + Data_views_update_runtime_field_request: + summary: Update an existing runtime field on a data view. + value: + runtimeField: + script: + source: emit(doc["bar"].value) + Machine_learning_APIs_mlSyncExample: + summary: Two anomaly detection jobs required synchronization in this example. + value: + datafeedsAdded: {} + datafeedsRemoved: {} + savedObjectsCreated: + anomaly-detector: + myjob1: + success: true + myjob2: + success: true + savedObjectsDeleted: {} + Serverless_saved_objects_export_objects_request: + summary: Export a specific saved object. + value: + excludeExportDetails: true + includeReferencesDeep: false + objects: + - id: de71f4f0-1902-11e9-919b-ffe5949a18d2 + type: map + Serverless_saved_objects_export_objects_response: + summary: >- + The export objects API response contains a JSON record for each exported + object. + value: + attributes: + description: '' + layerListJSON: >- + [{"id":"0hmz5","alpha":1,"sourceDescriptor":{"type":"EMS_TMS","isAutoSelect":true,"lightModeDefault":"road_map_desaturated"},"visible":true,"style":{},"type":"EMS_VECTOR_TILE","minZoom":0,"maxZoom":24},{"id":"edh66","label":"Total + Requests by + Destination","minZoom":0,"maxZoom":24,"alpha":0.5,"sourceDescriptor":{"type":"EMS_FILE","id":"world_countries","tooltipProperties":["name","iso2"]},"visible":true,"style":{"type":"VECTOR","properties":{"fillColor":{"type":"DYNAMIC","options":{"field":{"name":"__kbnjoin__count__673ff994-fc75-4c67-909b-69fcb0e1060e","origin":"join"},"color":"Greys","fieldMetaOptions":{"isEnabled":false,"sigma":3}}},"lineColor":{"type":"STATIC","options":{"color":"#FFFFFF"}},"lineWidth":{"type":"STATIC","options":{"size":1}},"iconSize":{"type":"STATIC","options":{"size":10}},"symbolizeAs":{"options":{"value":"circle"}},"icon":{"type":"STATIC","options":{"value":"marker"}}}},"type":"GEOJSON_VECTOR","joins":[{"leftField":"iso2","right":{"type":"ES_TERM_SOURCE","id":"673ff994-fc75-4c67-909b-69fcb0e1060e","indexPatternTitle":"kibana_sample_data_logs","term":"geo.dest","indexPatternRefName":"layer_1_join_0_index_pattern","metrics":[{"type":"count","label":"web + logs + count"}],"applyGlobalQuery":true}}]},{"id":"gaxya","label":"Actual + Requests","minZoom":9,"maxZoom":24,"alpha":1,"sourceDescriptor":{"id":"b7486535-171b-4d3b-bb2e-33c1a0a2854c","type":"ES_SEARCH","geoField":"geo.coordinates","limit":2048,"filterByMapBounds":true,"tooltipProperties":["clientip","timestamp","host","request","response","machine.os","agent","bytes"],"indexPatternRefName":"layer_2_source_index_pattern","applyGlobalQuery":true,"scalingType":"LIMIT"},"visible":true,"style":{"type":"VECTOR","properties":{"fillColor":{"type":"STATIC","options":{"color":"#2200ff"}},"lineColor":{"type":"STATIC","options":{"color":"#FFFFFF"}},"lineWidth":{"type":"STATIC","options":{"size":2}},"iconSize":{"type":"DYNAMIC","options":{"field":{"name":"bytes","origin":"source"},"minSize":1,"maxSize":23,"fieldMetaOptions":{"isEnabled":false,"sigma":3}}},"symbolizeAs":{"options":{"value":"circle"}},"icon":{"type":"STATIC","options":{"value":"marker"}}}},"type":"GEOJSON_VECTOR"},{"id":"tfi3f","label":"Total + Requests and + Bytes","minZoom":0,"maxZoom":9,"alpha":1,"sourceDescriptor":{"type":"ES_GEO_GRID","resolution":"COARSE","id":"8aaa65b5-a4e9-448b-9560-c98cb1c5ac5b","geoField":"geo.coordinates","requestType":"point","metrics":[{"type":"count","label":"web + logs + count"},{"type":"sum","field":"bytes"}],"indexPatternRefName":"layer_3_source_index_pattern","applyGlobalQuery":true},"visible":true,"style":{"type":"VECTOR","properties":{"fillColor":{"type":"DYNAMIC","options":{"field":{"name":"doc_count","origin":"source"},"color":"Blues","fieldMetaOptions":{"isEnabled":false,"sigma":3}}},"lineColor":{"type":"STATIC","options":{"color":"#cccccc"}},"lineWidth":{"type":"STATIC","options":{"size":1}},"iconSize":{"type":"DYNAMIC","options":{"field":{"name":"sum_of_bytes","origin":"source"},"minSize":7,"maxSize":25,"fieldMetaOptions":{"isEnabled":false,"sigma":3}}},"labelText":{"type":"DYNAMIC","options":{"field":{"name":"doc_count","origin":"source"},"fieldMetaOptions":{"isEnabled":false,"sigma":3}}},"labelSize":{"type":"DYNAMIC","options":{"field":{"name":"doc_count","origin":"source"},"minSize":12,"maxSize":24,"fieldMetaOptions":{"isEnabled":false,"sigma":3}}},"symbolizeAs":{"options":{"value":"circle"}},"icon":{"type":"STATIC","options":{"value":"marker"}}}},"type":"GEOJSON_VECTOR"}] + mapStateJSON: >- + {"zoom":3.64,"center":{"lon":-88.92107,"lat":42.16337},"timeFilters":{"from":"now-7d","to":"now"},"refreshConfig":{"isPaused":true,"interval":0},"query":{"language":"kuery","query":""},"settings":{"autoFitToDataBounds":false}} + title: '[Logs] Total Requests and Bytes' + uiStateJSON: '{"isDarkMode":false}' + coreMigrationVersion: 8.8.0 + created_at: '2023-08-23T20:03:32.204Z' + id: de71f4f0-1902-11e9-919b-ffe5949a18d2 + managed: false + references: + - id: 90943e30-9a47-11e8-b64d-95841ca0b247 + name: layer_1_join_0_index_pattern + type: index-pattern + - id: 90943e30-9a47-11e8-b64d-95841ca0b247 + name: layer_2_source_index_pattern + type: index-pattern + - id: 90943e30-9a47-11e8-b64d-95841ca0b247 + name: layer_3_source_index_pattern + type: index-pattern + type: map + typeMigrationVersion: 8.4.0 + updated_at: '2023-08-23T20:03:32.204Z' + version: WzEzLDFd + Serverless_saved_objects_import_objects_request: + value: + file: file.ndjson + Serverless_saved_objects_import_objects_response: + summary: >- + The import objects API response indicates a successful import and the + objects are created. Since these objects are created as new copies, each + entry in the successResults array includes a destinationId attribute. + value: + success: true + successCount: 1 + successResults: + - destinationId: 82d2760c-468f-49cf-83aa-b9a35b6a8943 + id: 90943e30-9a47-11e8-b64d-95841ca0b247 + managed: false + meta: + icon: indexPatternApp + title: Kibana Sample Data Logs + type: index-pattern + parameters: + Data_views_field_name: + description: The name of the runtime field. + in: path + name: fieldName + required: true + schema: + example: hour_of_day + type: string + Data_views_kbn_xsrf: + description: Cross-site request forgery protection + in: header + name: kbn-xsrf + required: true + schema: + type: string + Data_views_view_id: + description: An identifier for the data view. + in: path + name: viewId + required: true + schema: + example: ff959d40-b880-11e8-a6d9-e546fe2bba5f + type: string + Fleet_format: + description: Simplified or legacy format for package inputs + in: query + name: format + required: false + schema: + enum: + - simplified + - legacy + type: string + Fleet_kbn_xsrf: + description: Kibana's anti Cross-Site Request Forgery token. Can be any string value. + in: header + name: kbn-xsrf + required: true + schema: + type: string + Fleet_kuery: + in: query + name: kuery + required: false + schema: + type: string + Fleet_page_index: + in: query + name: page + required: false + schema: + default: 1 + type: integer + Fleet_page_size: + description: The number of items to return + in: query + name: perPage + required: false + schema: + default: 20 + type: integer + Fleet_show_inactive: + in: query + name: showInactive + required: false + schema: + type: boolean + Fleet_show_upgradeable: + in: query + name: showUpgradeable + required: false + schema: + type: boolean + Fleet_sort_field: + in: query + name: sortField + required: false + schema: + deprecated: true + type: string + Fleet_sort_order: + in: query + name: sortOrder + required: false + schema: + enum: + - asc + - desc + type: string + Fleet_with_metrics: + description: Return agent metrics, false by default + in: query + name: withMetrics + required: false + schema: + type: boolean + Machine_learning_APIs_simulateParam: + description: >- + When true, simulates the synchronization by returning only the list of + actions that would be performed. + example: 'true' + in: query + name: simulate + required: false + schema: + type: boolean + Serverless_saved_objects_kbn_xsrf: + description: Cross-site request forgery protection + in: header + name: kbn-xsrf + required: true + schema: + type: string + SLOs_kbn_xsrf: + description: Cross-site request forgery protection + in: header + name: kbn-xsrf + required: true + schema: + type: string + SLOs_slo_id: + description: An identifier for the slo. + in: path + name: sloId + required: true + schema: + example: 9c235211-6834-11ea-a78c-6feb38a34414 + type: string + SLOs_space_id: + description: >- + An identifier for the space. If `/s/` and the identifier are omitted + from the path, the default space is used. + in: path + name: spaceId + required: true + schema: + example: default + type: string + responses: + Fleet_error: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: number + description: Generic Error + schemas: + Data_views_400_response: + title: Bad request + type: object + properties: + error: + example: Bad Request + type: string + message: + type: string + statusCode: + example: 400 + type: number + required: + - statusCode + - error + - message + Data_views_404_response: + type: object + properties: + error: + enum: + - Not Found + example: Not Found + type: string + message: + example: >- + Saved object [index-pattern/caaad6d0-920c-11ed-b36a-874bd1548a00] + not found + type: string + statusCode: + enum: + - 404 + example: 404 + type: integer + Data_views_allownoindex: + description: Allows the data view saved object to exist before the data is available. + type: boolean + Data_views_create_data_view_request_object: + title: Create data view request + type: object + properties: + data_view: + description: The data view object. + type: object + properties: + allowNoIndex: + $ref: '#/components/schemas/Data_views_allownoindex' + fieldAttrs: + additionalProperties: + $ref: '#/components/schemas/Data_views_fieldattrs' + type: object + fieldFormats: + $ref: '#/components/schemas/Data_views_fieldformats' + fields: + type: object + id: + type: string + name: + description: The data view name. + type: string + namespaces: + $ref: '#/components/schemas/Data_views_namespaces' + runtimeFieldMap: + additionalProperties: + $ref: '#/components/schemas/Data_views_runtimefieldmap' + type: object + sourceFilters: + $ref: '#/components/schemas/Data_views_sourcefilters' + timeFieldName: + $ref: '#/components/schemas/Data_views_timefieldname' + title: + $ref: '#/components/schemas/Data_views_title' + type: + $ref: '#/components/schemas/Data_views_type' + typeMeta: + $ref: '#/components/schemas/Data_views_typemeta' + version: + type: string + required: + - title + override: + default: false + description: >- + Override an existing data view if a data view with the provided + title already exists. + type: boolean + required: + - data_view + Data_views_data_view_response_object: + title: Data view response properties + type: object + properties: + data_view: + type: object + properties: + allowNoIndex: + $ref: '#/components/schemas/Data_views_allownoindex' + fieldAttrs: + additionalProperties: + $ref: '#/components/schemas/Data_views_fieldattrs' + type: object + fieldFormats: + $ref: '#/components/schemas/Data_views_fieldformats' + fields: + type: object + id: + example: ff959d40-b880-11e8-a6d9-e546fe2bba5f + type: string + name: + description: The data view name. + type: string + namespaces: + $ref: '#/components/schemas/Data_views_namespaces' + runtimeFieldMap: + additionalProperties: + $ref: '#/components/schemas/Data_views_runtimefieldmap' + type: object + sourceFilters: + $ref: '#/components/schemas/Data_views_sourcefilters' + timeFieldName: + $ref: '#/components/schemas/Data_views_timefieldname' + title: + $ref: '#/components/schemas/Data_views_title' + typeMeta: + $ref: '#/components/schemas/Data_views_typemeta_response' + version: + example: WzQ2LDJd + type: string + Data_views_fieldattrs: + description: A map of field attributes by field name. + type: object + properties: + count: + description: Popularity count for the field. + type: integer + customDescription: + description: Custom description for the field. + maxLength: 300 + type: string + customLabel: + description: Custom label for the field. + type: string + Data_views_fieldformats: + description: A map of field formats by field name. + type: object + Data_views_namespaces: + description: >- + An array of space identifiers for sharing the data view between multiple + spaces. + items: + default: default + type: string + type: array + Data_views_runtimefieldmap: + description: A map of runtime field definitions by field name. + type: object + properties: + script: + type: object + properties: + source: + description: Script for the runtime field. + type: string + type: + description: Mapping type of the runtime field. + type: string + required: + - script + - type + Data_views_sourcefilters: + description: The array of field names you want to filter out in Discover. + items: + type: object + properties: + value: + type: string + required: + - value + type: array + Data_views_swap_data_view_request_object: + title: Data view reference swap request + type: object + properties: + delete: + description: Deletes referenced saved object if all references are removed. + type: boolean + forId: + description: Limit the affected saved objects to one or more by identifier. + oneOf: + - type: string + - items: + type: string + type: array + forType: + description: Limit the affected saved objects by type. + type: string + fromId: + description: The saved object reference to change. + type: string + fromType: + description: > + Specify the type of the saved object reference to alter. The default + value is `index-pattern` for data views. + type: string + toId: + description: New saved object reference value to replace the old value. + type: string + required: + - fromId + - toId + Data_views_timefieldname: + description: The timestamp field name, which you use for time-based data views. + type: string + Data_views_title: + description: >- + Comma-separated list of data streams, indices, and aliases that you want + to search. Supports wildcards (`*`). + type: string + Data_views_type: + description: When set to `rollup`, identifies the rollup data views. + type: string + Data_views_typemeta: + description: >- + When you use rollup indices, contains the field list for the rollup data + view API endpoints. + type: object + properties: + aggs: + description: A map of rollup restrictions by aggregation type and field name. + type: object + params: + description: Properties for retrieving rollup fields. + type: object + required: + - aggs + - params + Data_views_typemeta_response: + description: >- + When you use rollup indices, contains the field list for the rollup data + view API endpoints. + nullable: true + type: object + properties: + aggs: + description: A map of rollup restrictions by aggregation type and field name. + type: object + params: + description: Properties for retrieving rollup fields. + type: object + Data_views_update_data_view_request_object: + title: Update data view request + type: object + properties: + data_view: + description: > + The data view properties you want to update. Only the specified + properties are updated in the data view. Unspecified fields stay as + they are persisted. + type: object + properties: + allowNoIndex: + $ref: '#/components/schemas/Data_views_allownoindex' + fieldFormats: + $ref: '#/components/schemas/Data_views_fieldformats' + fields: + type: object + name: + type: string + runtimeFieldMap: + additionalProperties: + $ref: '#/components/schemas/Data_views_runtimefieldmap' + type: object + sourceFilters: + $ref: '#/components/schemas/Data_views_sourcefilters' + timeFieldName: + $ref: '#/components/schemas/Data_views_timefieldname' + title: + $ref: '#/components/schemas/Data_views_title' + type: + $ref: '#/components/schemas/Data_views_type' + typeMeta: + $ref: '#/components/schemas/Data_views_typemeta' + refresh_fields: + default: false + description: Reloads the data view fields after the data view is updated. + type: boolean + required: + - data_view + Fleet_agent: + title: Agent + type: object + properties: + access_api_key: + type: string + access_api_key_id: + type: string + active: + type: boolean + components: + items: + $ref: '#/components/schemas/Fleet_agent_component' + type: array + default_api_key: + type: string + default_api_key_id: + type: string + enrolled_at: + type: string + id: + type: string + last_checkin: + type: string + local_metadata: + $ref: '#/components/schemas/Fleet_agent_metadata' + metrics: + type: object + properties: + cpu_avg: + description: >- + Average agent CPU usage during the last 5 minutes, number + between 0-1 + type: number + memory_size_byte_avg: + description: Average agent memory consumption during the last 5 minutes + type: number + policy_id: + type: string + policy_revision: + type: number + status: + $ref: '#/components/schemas/Fleet_agent_status' + type: + $ref: '#/components/schemas/Fleet_agent_type' + unenrolled_at: + type: string + unenrollment_started_at: + type: string + user_provided_metadata: + $ref: '#/components/schemas/Fleet_agent_metadata' + required: + - type + - active + - enrolled_at + - id + - status + Fleet_agent_action: + oneOf: + - properties: + ack_data: + type: string + data: + type: string + type: + enum: + - UNENROLL + - UPGRADE + - POLICY_REASSIGN + type: string + - properties: + data: + type: object + properties: + log_level: + enum: + - debug + - info + - warning + - error + nullable: true + type: string + type: + type: string + title: Agent action + Fleet_agent_component: + title: Agent component + type: object + properties: + id: + type: string + message: + type: string + status: + $ref: '#/components/schemas/Fleet_agent_component_status' + type: + type: string + units: + items: + $ref: '#/components/schemas/Fleet_agent_component_unit' + type: array + Fleet_agent_component_status: + enum: + - starting + - configuring + - healthy + - degraded + - failed + - stopping + - stopped + title: Agent component status + type: string + Fleet_agent_component_unit: + title: Agent component unit + type: object + properties: + id: + type: string + message: + type: string + payload: + type: object + status: + $ref: '#/components/schemas/Fleet_agent_component_status' + type: + $ref: '#/components/schemas/Fleet_agent_component_unit_type' + Fleet_agent_component_unit_type: + enum: + - input + - output + title: Agent component unit type + type: string + Fleet_agent_diagnostics: + title: Agent diagnostics + type: object + properties: + actionId: + type: string + createTime: + type: string + filePath: + type: string + id: + type: string + name: + type: string + status: + enum: + - READY + - AWAITING_UPLOAD + - DELETED + - IN_PROGRESS + required: + - id + - name + - createTime + - filePath + - actionId + - status + Fleet_agent_get_by_actions: + items: + items: + type: string + type: array + title: Agents get by action ids + type: array + Fleet_agent_metadata: + title: Agent metadata + type: object + Fleet_agent_policy: + title: Agent Policy + type: object + properties: + advanced_settings: + description: >- + Advanced settings stored in the agent policy, e.g. + agent_limits_go_max_procs + nullable: true + type: object + agent_features: + items: + type: object + properties: + enabled: + type: boolean + name: + type: string + required: + - name + - enabled + type: array + agents: + type: number + data_output_id: + nullable: true + type: string + description: + type: string + download_source_id: + nullable: true + type: string + fleet_server_host_id: + nullable: true + type: string + global_data_tags: + items: + additionalProperties: + oneOf: + - type: string + - type: number + description: >- + User defined data tags that are added to all of the inputs. The + values can be strings or numbers. + type: object + type: array + id: + type: string + inactivity_timeout: + type: integer + is_protected: + description: >- + Indicates whether the agent policy has tamper protection enabled. + Default false. + type: boolean + keep_monitoring_alive: + description: >- + When set to true, monitoring will be enabled but logs/metrics + collection will be disabled + nullable: true + type: boolean + monitoring_diagnostics: + type: object + properties: + limit: + type: object + properties: + burst: + type: number + interval: + type: string + uploader: + type: object + properties: + init_dur: + type: string + max_dur: + type: string + max_retries: + type: number + monitoring_enabled: + items: + enum: + - metrics + - logs + type: string + type: array + monitoring_http: + type: object + properties: + enabled: + type: boolean + host: + type: string + port: + type: number + required: + - enabled + monitoring_output_id: + nullable: true + type: string + monitoring_pprof_enabled: + type: boolean + name: + type: string + namespace: + type: string + overrides: + description: >- + Override settings that are defined in the agent policy. Input + settings cannot be overridden. The override option should be used + only in unusual circumstances and not as a routine procedure. + nullable: true + type: object + package_policies: + description: >- + This field is present only when retrieving a single agent policy, or + when retrieving a list of agent policies with the ?full=true + parameter + items: + $ref: '#/components/schemas/Fleet_package_policy' + type: array + revision: + type: number + supports_agentless: + description: >- + Indicates whether the agent policy supports agentless integrations. + Only allowed in a serverless environment. + type: boolean + unenroll_timeout: + type: integer + unprivileged_agents: + type: number + updated_by: + type: string + updated_on: + format: date-time + type: string + required: + - id + - status + - name + - namespace + Fleet_agent_policy_create_request: + title: Create agent policy request + type: object + properties: + agent_features: + items: + type: object + properties: + enabled: + type: boolean + name: + type: string + required: + - name + - enabled + type: array + data_output_id: + nullable: true + type: string + description: + type: string + download_source_id: + nullable: true + type: string + fleet_server_host_id: + nullable: true + type: string + force: + description: Force agent policy creation even if packages are not verified. + type: boolean + global_data_tags: + items: + additionalProperties: + oneOf: + - type: string + - type: number + description: >- + User defined data tags that are added to all of the inputs. The + values can be strings or numbers. + type: object + type: array + id: + type: string + inactivity_timeout: + type: integer + is_protected: + type: boolean + monitoring_enabled: + items: + enum: + - metrics + - logs + type: string + type: array + monitoring_output_id: + nullable: true + type: string + name: + type: string + namespace: + type: string + unenroll_timeout: + type: integer + required: + - name + - namespace + Fleet_agent_policy_full: + oneOf: + - type: object + properties: + item: + type: string + - type: object + properties: + item: + $ref: '#/components/schemas/Fleet_full_agent_policy' + title: Agent policy full response + type: object + Fleet_agent_policy_update_request: + title: Update agent policy request + type: object + properties: + agent_features: + items: + type: object + properties: + enabled: + type: boolean + name: + type: string + required: + - name + - enabled + type: array + data_output_id: + nullable: true + type: string + description: + type: string + download_source_id: + nullable: true + type: string + fleet_server_host_id: + nullable: true + type: string + force: + description: Force agent policy creation even if packages are not verified. + type: boolean + inactivity_timeout: + type: integer + is_protected: + type: boolean + monitoring_enabled: + items: + enum: + - metrics + - logs + type: string + type: array + monitoring_output_id: + nullable: true + type: string + name: + type: string + namespace: + type: string + unenroll_timeout: + type: integer + required: + - name + - namespace + Fleet_agent_status: + enum: + - offline + - error + - online + - inactive + - warning + title: Elastic Agent status + type: string + Fleet_agent_type: + enum: + - PERMANENT + - EPHEMERAL + - TEMPORARY + title: Agent type + type: string + Fleet_bulk_install_packages_response: + title: Bulk install packages response + type: object + properties: + items: + items: + type: object + properties: + name: + type: string + version: + type: string + type: array + response: + deprecated: true + items: + type: object + properties: + name: + type: string + version: + type: string + type: array + required: + - items + Fleet_bulk_upgrade_agents: + title: Bulk upgrade agents + type: object + properties: + agents: + oneOf: + - description: KQL query string, leave empty to action all agents + type: string + - description: list of agent IDs + items: + type: string + type: array + force: + description: Force upgrade, skipping validation (should be used with caution) + type: boolean + rollout_duration_seconds: + description: rolling upgrade window duration in seconds + type: number + skipRateLimitCheck: + description: Skip rate limit check for upgrade + type: boolean + source_uri: + description: alternative upgrade binary download url + type: string + start_time: + description: start time of upgrade in ISO 8601 format + type: string + version: + description: version to upgrade to + type: string + required: + - agents + - version + Fleet_data_stream: + title: Data stream + type: object + properties: + dashboard: + items: + type: object + properties: + id: + type: string + title: + type: string + type: array + dataset: + type: string + index: + type: string + last_activity_ms: + type: number + namespace: + type: string + package: + type: string + package_version: + type: string + size_in_bytes: + type: number + size_in_bytes_formatted: + type: string + type: + type: string + Fleet_download_sources: + title: Download Source + type: object + properties: + host: + type: string + id: + type: string + is_default: + type: boolean + name: + type: string + proxy_id: + description: >- + The ID of the proxy to use for this download source. See the proxies + API for more information. + nullable: true + type: string + required: + - is_default + - name + - host + Fleet_elasticsearch_asset_type: + enum: + - component_template + - ingest_pipeline + - index_template + - ilm_policy + - transform + - data_stream_ilm_policy + title: Elasticsearch asset type + type: string + Fleet_enrollment_api_key: + title: Enrollment API key + type: object + properties: + active: + description: >- + When false, the enrollment API key is revoked and cannot be used for + enrolling Elastic Agents. + type: boolean + api_key: + description: The enrollment API key (token) used for enrolling Elastic Agents. + type: string + api_key_id: + description: The ID of the API key in the Security API. + type: string + created_at: + type: string + id: + type: string + name: + description: The name of the enrollment API key. + type: string + policy_id: + description: The ID of the agent policy the Elastic Agent will be enrolled in. + type: string + required: + - id + - api_key_id + - api_key + - active + - created_at + Fleet_fleet_server_host: + title: Fleet Server Host + type: object + properties: + host_urls: + items: + type: string + type: array + id: + type: string + is_default: + type: boolean + is_internal: + type: boolean + is_preconfigured: + type: boolean + name: + type: string + proxy_id: + type: string + required: + - fleet_server_hosts + - id + - is_default + - is_preconfigured + - host_urls + Fleet_fleet_settings_response: + title: Fleet settings response + type: object + properties: + item: + $ref: '#/components/schemas/Fleet_settings' + required: + - item + Fleet_fleet_setup_response: + title: Fleet Setup response + type: object + properties: + isInitialized: + type: boolean + nonFatalErrors: + items: + type: object + properties: + message: + type: string + name: + type: string + required: + - name + - message + type: array + required: + - isInitialized + - nonFatalErrors + Fleet_fleet_status_response: + title: Fleet status response + type: object + properties: + isReady: + type: boolean + missing_optional_features: + items: + enum: + - encrypted_saved_object_encryption_key_required + type: string + type: array + missing_requirements: + items: + enum: + - tls_required + - api_keys + - fleet_admin_user + - fleet_server + type: string + type: array + package_verification_key_id: + type: string + required: + - isReady + - missing_requirements + - missing_optional_features + Fleet_full_agent_policy: + title: Full agent policy + type: object + properties: + agent: + nullable: true + type: string + fleet: + oneOf: + - type: object + properties: + hosts: + items: + type: string + type: array + proxy_headers: {} + proxy_url: + type: string + ssl: + type: object + properties: + certificate: + type: string + certificate_authorities: + items: + type: string + type: array + key: + type: string + renegotiation: + type: string + verification_mode: + type: string + - type: object + properties: + kibana: + type: object + properties: + hosts: + items: + type: string + type: array + path: + type: string + protocol: + type: string + id: + type: string + inputs: + type: string + monitoring: + type: object + properties: + diagnostics: + type: object + properties: + limit: + type: object + properties: + burst: + type: number + interval: + type: string + uploader: + type: object + properties: + init_dur: + type: string + max_dur: + type: string + max_retries: + type: number + enabled: + type: boolean + http: + type: object + properties: + enabled: + type: boolean + host: + type: string + port: + type: number + required: + - enabled + logs: + type: boolean + metrics: + type: boolean + namespace: + type: string + pprof: + type: object + properties: + enabled: + type: boolean + required: + - enabled + traces: + type: boolean + use_output: + type: string + required: + - enabled + - metrics + - logs + - traces + output_permissions: + additionalProperties: + type: object + properties: + data: + $ref: >- + #/components/schemas/Fleet_full_agent_policy_output_permissions + output: + type: integer + type: object + outputs: + additionalProperties: + $ref: '#/components/schemas/Fleet_full_agent_policy_output' + type: object + revision: + type: number + secret_references: + items: + type: object + properties: + id: + type: string + type: array + required: + - id + - outputs + - inputs + Fleet_full_agent_policy_input: + allOf: + - additionalProperties: true + type: object + properties: + data_stream: + type: object + properties: + namespace: + type: string + required: + - namespace + id: + type: string + meta: + additionalProperties: true + type: object + properties: + package: + type: object + properties: + name: + type: string + version: + type: string + required: + - name + - version + name: + type: string + revision: + type: number + streams: + $ref: '#/components/schemas/Fleet_full_agent_policy_input_stream' + type: + type: string + use_output: + type: string + required: + - id + - name + - revision + - type + - data_stream + - use_output + title: Full agent policy input + Fleet_full_agent_policy_input_stream: + allOf: + - additionalProperties: true + type: object + properties: + data_stream: + type: object + properties: + dataset: + type: string + type: + type: string + required: + - dataset + - type + id: + type: string + required: + - id + - data_stream + title: Full agent policy input stream + Fleet_full_agent_policy_output: + title: Full agent policy + type: object + properties: + additionalProperties: + type: object + properties: + text: {} + ca_sha256: + nullable: true + type: string + hosts: + items: + type: string + type: array + proxy_headers: {} + proxy_url: + type: string + type: {} + required: + - type + - hosts + - ca_sha256 + Fleet_full_agent_policy_output_permissions: + additionalProperties: + type: object + properties: + data: + type: object + properties: + cluster: + items: + type: string + type: array + indices: + items: + type: object + properties: + names: + items: + type: string + type: array + privileges: + items: + type: string + type: array + type: array + packagePolicyName: + type: string + title: Full agent policy output permissions + Fleet_get_agent_tags_response: + title: Get Agent Tags response + type: object + properties: + items: + items: + type: string + type: array + Fleet_get_agents_response: + title: Get Agent response + type: object + properties: + items: + items: + $ref: '#/components/schemas/Fleet_agent' + type: array + list: + deprecated: true + items: + $ref: '#/components/schemas/Fleet_agent' + type: array + page: + type: number + perPage: + type: number + statusSummary: + type: object + properties: + degraded': + type: number + enrolling: + type: number + error: + type: number + inactive: + type: number + offline: + type: number + online: + type: number + unenrolled: + type: number + unenrolling: + type: number + updating: + type: number + total: + type: number + required: + - items + - total + - page + - perPage + Fleet_get_bulk_assets_response: + deprecated: true + properties: + items: + items: + type: object + properties: + appLink: + type: string + attributes: + type: object + properties: + description: + type: string + title: + type: string + id: + type: string + type: + $ref: '#/components/schemas/Fleet_saved_object_type' + updatedAt: + type: string + type: array + required: + - items + title: Bulk get assets response + type: object + Fleet_get_categories_response: + title: Get categories response + type: object + properties: + items: + items: + type: object + properties: + count: + type: number + id: + type: string + title: + type: string + required: + - id + - title + - count + type: array + response: + items: + deprecated: true + type: object + properties: + count: + type: number + id: + type: string + title: + type: string + required: + - id + - title + - count + type: array + required: + - items + Fleet_get_packages_response: + title: Get Packages response + type: object + properties: + items: + items: + $ref: '#/components/schemas/Fleet_search_result' + type: array + response: + deprecated: true + items: + $ref: '#/components/schemas/Fleet_search_result' + type: array + required: + - items + Fleet_installation_info: + title: Installation info object + type: object + properties: + created_at: + type: string + experimental_data_stream_features: + type: array + properties: + data_stream: + type: string + features: + type: object + properties: + doc_value_only_numeric: + nullable: true + type: boolean + doc_value_only_other: + nullable: true + type: boolean + synthetic_source: + nullable: true + type: boolean + tsdb: + nullable: true + type: boolean + install_format_schema_version: + type: string + install_kibana_space_id: + type: string + install_source: + enum: + - registry + - upload + - bundled + type: string + install_status: + enum: + - installed + - installing + - install_failed + type: string + installed_es: + type: object + properties: + deferred: + type: boolean + id: + type: string + type: + $ref: '#/components/schemas/Fleet_elasticsearch_asset_type' + installed_kibana: + type: object + properties: + id: + type: string + type: + $ref: '#/components/schemas/Fleet_kibana_saved_object_type' + latest_executed_state: + description: Latest successfully executed state in package install state machine + type: object + properties: + error: + type: string + name: + enum: + - create_restart_installation + - install_kibana_assets + - install_ilm_policies + - install_ml_model + - install_index_template_pipelines + - remove_legacy_templates + - update_current_write_indices + - install_transforms + - delete_previous_pipelines + - save_archive_entries_from_assets_map + - update_so + type: string + started_at: + type: string + latest_install_failed_attempts: + description: Latest failed install errors + items: + type: object + properties: + created_at: + type: string + error: + type: object + properties: + message: + type: string + name: + type: string + stack: + type: string + target_version: + type: string + type: array + name: + type: string + namespaces: + items: + type: string + type: array + type: + type: string + updated_at: + type: string + verification_key_id: + nullable: true + type: string + verification_status: + enum: + - verified + - unverified + - unknown + type: string + version: + type: string + required: + - installed_kibana + - installed_es + - name + - version + - install_status + - install_version + - install_started_at + - install_source + - verification_status + - latest_install_failed_attempts + Fleet_kibana_saved_object_type: + enum: + - dashboard + - visualization + - search + - index-pattern + - map + - lens + - ml-module + - security-rule + - csp_rule_template + title: Kibana saved object asset type + type: string + Fleet_new_package_policy: + description: '' + properties: + description: + type: string + enabled: + type: boolean + inputs: + items: + type: object + properties: + config: + type: object + enabled: + type: boolean + processors: + items: + type: string + type: array + streams: + items: {} + type: array + type: + type: string + vars: + type: object + required: + - type + - enabled + type: array + name: + type: string + namespace: + type: string + output_id: + type: string + overrides: + type: object + package: + type: object + properties: + name: + type: string + requires_root: + type: boolean + title: + type: string + version: + type: string + required: + - name + - version + policy_id: + deprecated: true + nullable: true + type: string + policy_ids: + items: + type: string + type: array + required: + - inputs + - name + title: New package policy + type: object + Fleet_output_create_request: + discriminator: + mapping: + elasticsearch: '#/components/schemas/Fleet_output_create_request_elasticsearch' + kafka: '#/components/schemas/Fleet_output_create_request_kafka' + logstash: '#/components/schemas/Fleet_output_create_request_logstash' + remote_elasticsearch: >- + #/components/schemas/Fleet_output_create_request_remote_elasticsearch + propertyName: type + oneOf: + - $ref: '#/components/schemas/Fleet_output_create_request_elasticsearch' + - $ref: '#/components/schemas/Fleet_output_create_request_kafka' + - $ref: '#/components/schemas/Fleet_output_create_request_logstash' + - $ref: >- + #/components/schemas/Fleet_output_create_request_remote_elasticsearch + title: Output + Fleet_output_create_request_elasticsearch: + title: elasticsearch + type: object + properties: + ca_sha256: + type: string + ca_trusted_fingerprint: + type: string + config: + type: object + config_yaml: + type: string + hosts: + items: + type: string + type: array + id: + type: string + is_default: + type: boolean + is_default_monitoring: + type: boolean + is_internal: + type: boolean + name: + type: string + preset: + enum: + - balanced + - custom + - throughput + - scale + - latency + type: string + proxy_id: + type: string + shipper: + type: object + properties: + compression_level: + type: number + disk_queue_compression_enabled: + type: boolean + disk_queue_enabled: + type: boolean + disk_queue_encryption_enabled: + type: boolean + disk_queue_max_size: + type: number + disk_queue_path: + type: string + loadbalance: + type: boolean + ssl: + type: object + properties: + certificate: + type: string + certificate_authorities: + items: + type: string + type: array + key: + type: string + type: + enum: + - elasticsearch + type: string + required: + - name + Fleet_output_create_request_kafka: + title: kafka + type: object + properties: + auth_type: + type: string + broker_timeout: + type: number + ca_sha256: + type: string + ca_trusted_fingerprint: + type: string + client_id: + type: string + compression: + type: string + compression_level: + type: number + config: + type: object + config_yaml: + type: string + connection_type: + enum: + - plaintext + - encryption + type: string + headers: + items: + type: object + properties: + key: + type: string + value: + type: string + type: array + hosts: + items: + type: string + type: array + id: + type: string + is_default: + type: boolean + is_default_monitoring: + type: boolean + is_internal: + type: boolean + key: + type: string + name: + type: string + partition: + type: string + password: + type: string + proxy_id: + type: string + random: + type: object + properties: + group_events: + type: number + required_acks: + type: number + round_robin: + type: object + properties: + group_events: + type: number + sasl: + type: object + properties: + mechanism: + type: string + secrets: + type: object + properties: + password: + type: string + ssl: + type: object + properties: + key: + type: string + shipper: + type: object + properties: + compression_level: + type: number + disk_queue_compression_enabled: + type: boolean + disk_queue_enabled: + type: boolean + disk_queue_encryption_enabled: + type: boolean + disk_queue_max_size: + type: number + disk_queue_path: + type: string + loadbalance: + type: boolean + ssl: + type: object + properties: + certificate: + type: string + certificate_authorities: + items: + type: string + type: array + key: + type: string + verification_mode: + enum: + - none + - full + - certificate + - strict + type: string + timeout: + type: number + topic: + type: string + topics: + deprecated: true + description: Use topic instead. + items: + type: object + properties: + topic: + type: string + when: + deprecated: true + description: >- + Deprecated, kafka output do not support conditionnal topics + anymore. + type: object + properties: + condition: + type: string + type: + type: string + type: array + type: + enum: + - kafka + type: string + username: + type: string + version: + type: string + required: + - name + - type + - topics + - auth_type + - hosts + Fleet_output_create_request_logstash: + title: logstash + type: object + properties: + ca_sha256: + type: string + ca_trusted_fingerprint: + type: string + config: + type: object + config_yaml: + type: string + hosts: + items: + type: string + type: array + id: + type: string + is_default: + type: boolean + is_default_monitoring: + type: boolean + is_internal: + type: boolean + name: + type: string + proxy_id: + type: string + secrets: + type: object + properties: + ssl: + type: object + properties: + key: + type: string + shipper: + type: object + properties: + compression_level: + type: number + disk_queue_compression_enabled: + type: boolean + disk_queue_enabled: + type: boolean + disk_queue_encryption_enabled: + type: boolean + disk_queue_max_size: + type: number + disk_queue_path: + type: string + loadbalance: + type: boolean + ssl: + type: object + properties: + certificate: + type: string + certificate_authorities: + items: + type: string + type: array + key: + type: string + type: + enum: + - logstash + type: string + required: + - name + - hosts + - type + Fleet_output_create_request_remote_elasticsearch: + title: remote_elasticsearch + type: object + properties: + hosts: + items: + type: string + type: array + id: + type: string + is_default: + type: boolean + is_default_monitoring: + type: boolean + is_internal: + type: boolean + name: + type: string + secrets: + type: object + properties: + service_token: + type: string + service_token: + type: string + type: + enum: + - remote_elasticsearch + type: string + required: + - name + Fleet_output_update_request: + discriminator: + mapping: + elasticsearch: '#/components/schemas/Fleet_output_update_request_elasticsearch' + kafka: '#/components/schemas/Fleet_output_update_request_kafka' + logstash: '#/components/schemas/Fleet_output_update_request_logstash' + propertyName: type + oneOf: + - $ref: '#/components/schemas/Fleet_output_update_request_elasticsearch' + - $ref: '#/components/schemas/Fleet_output_update_request_kafka' + - $ref: '#/components/schemas/Fleet_output_update_request_logstash' + title: Output + Fleet_output_update_request_elasticsearch: + title: elasticsearch + type: object + properties: + ca_sha256: + type: string + ca_trusted_fingerprint: + type: string + config: + type: object + config_yaml: + type: string + hosts: + items: + type: string + type: array + id: + type: string + is_default: + type: boolean + is_default_monitoring: + type: boolean + is_internal: + type: boolean + name: + type: string + preset: + enum: + - balanced + - custom + - throughput + - scale + - latency + type: string + proxy_id: + type: string + shipper: + type: object + properties: + compression_level: + type: number + disk_queue_compression_enabled: + type: boolean + disk_queue_enabled: + type: boolean + disk_queue_encryption_enabled: + type: boolean + disk_queue_max_size: + type: number + disk_queue_path: + type: string + loadbalance: + type: boolean + ssl: + type: object + properties: + certificate: + type: string + certificate_authorities: + items: + type: string + type: array + key: + type: string + type: + enum: + - elasticsearch + type: string + required: + - name + - hosts + - type + Fleet_output_update_request_kafka: + title: kafka + type: object + properties: + auth_type: + type: string + broker_timeout: + type: number + ca_sha256: + type: string + ca_trusted_fingerprint: + type: string + client_id: + type: string + compression: + type: string + compression_level: + type: number + config: + type: object + config_yaml: + type: string + connection_type: + enum: + - plaintext + - encryption + type: string + headers: + items: + type: object + properties: + key: + type: string + value: + type: string + type: array + hosts: + items: + type: string + type: array + id: + type: string + is_default: + type: boolean + is_default_monitoring: + type: boolean + is_internal: + type: boolean + key: + type: string + name: + type: string + partition: + type: string + password: + type: string + proxy_id: + type: string + random: + type: object + properties: + group_events: + type: number + required_acks: + type: number + round_robin: + type: object + properties: + group_events: + type: number + sasl: + type: object + properties: + mechanism: + type: string + shipper: + type: object + properties: + compression_level: + type: number + disk_queue_compression_enabled: + type: boolean + disk_queue_enabled: + type: boolean + disk_queue_encryption_enabled: + type: boolean + disk_queue_max_size: + type: number + disk_queue_path: + type: string + loadbalance: + type: boolean + ssl: + type: object + properties: + certificate: + type: string + certificate_authorities: + items: + type: string + type: array + key: + type: string + verification_mode: + enum: + - none + - full + - certificate + - strict + type: string + timeout: + type: number + topic: + type: string + topics: + deprecated: true + description: Use topic instead. + items: + type: object + properties: + topic: + type: string + when: + deprecated: true + description: >- + Deprecated, kafka output do not support conditionnal topics + anymore. + type: object + properties: + condition: + type: string + type: + type: string + type: array + type: + enum: + - kafka + type: string + username: + type: string + version: + type: string + required: + - name + Fleet_output_update_request_logstash: + title: logstash + type: object + properties: + ca_sha256: + type: string + ca_trusted_fingerprint: + type: string + config: + type: object + config_yaml: + type: string + hosts: + items: + type: string + type: array + id: + type: string + is_default: + type: boolean + is_default_monitoring: + type: boolean + is_internal: + type: boolean + name: + type: string + proxy_id: + type: string + shipper: + type: object + properties: + compression_level: + type: number + disk_queue_compression_enabled: + type: boolean + disk_queue_enabled: + type: boolean + disk_queue_encryption_enabled: + type: boolean + disk_queue_max_size: + type: number + disk_queue_path: + type: string + loadbalance: + type: boolean + ssl: + type: object + properties: + certificate: + type: string + certificate_authorities: + items: + type: string + type: array + key: + type: string + type: + enum: + - logstash + type: string + required: + - name + Fleet_package_info: + title: Package information + type: object + properties: + assets: + items: + type: string + type: array + categories: + items: + type: string + type: array + conditions: + type: object + properties: + elasticsearch: + type: object + properties: + subscription: + enum: + - basic + - gold + - platinum + - enterprise + type: string + kibana: + type: object + properties: + versions: + type: string + data_streams: + items: + type: object + properties: + ingeset_pipeline: + type: string + name: + type: string + package: + type: string + release: + type: string + title: + type: string + type: + type: string + vars: + items: + type: object + properties: + default: + type: string + name: + type: string + required: + - name + - default + type: array + required: + - title + - name + - release + - ingeset_pipeline + - type + - package + type: array + description: + type: string + download: + type: string + elasticsearch: + type: object + properties: + privileges: + type: object + properties: + cluster: + items: + type: string + type: array + format_version: + type: string + icons: + items: + type: string + type: array + internal: + type: boolean + name: + type: string + path: + type: string + readme: + type: string + release: + deprecated: true + description: >- + release label is deprecated, derive from the version instead + (packages follow semver) + enum: + - experimental + - beta + - ga + type: string + screenshots: + items: + type: object + properties: + path: + type: string + size: + type: string + src: + type: string + title: + type: string + type: + type: string + required: + - src + - path + type: array + source: + type: object + properties: + license: + enum: + - Apache-2.0 + - Elastic-2.0 + type: string + title: + type: string + type: + type: string + version: + type: string + required: + - name + - title + - version + - description + - type + - categories + - conditions + - assets + - format_version + - download + - path + Fleet_package_policy: + allOf: + - type: object + properties: + id: + type: string + inputs: + oneOf: + - items: {} + type: array + - type: object + revision: + type: number + required: + - id + - revision + - $ref: '#/components/schemas/Fleet_new_package_policy' + title: Package policy + Fleet_package_policy_request: + title: Package Policy Request + type: object + properties: + description: + description: Package policy description + example: my description + type: string + force: + description: >- + Force package policy creation even if package is not verified, or if + the agent policy is managed. + type: boolean + id: + description: Package policy unique identifier + type: string + inputs: + additionalProperties: + type: object + properties: + enabled: + description: enable or disable that input, (default to true) + type: boolean + streams: + additionalProperties: + type: object + properties: + enabled: + description: enable or disable that stream, (default to true) + type: boolean + vars: + description: >- + Stream level variable (see integration documentation for + more information) + type: object + description: >- + Input streams (see integration documentation to know what + streams are available) + type: object + vars: + description: >- + Input level variable (see integration documentation for more + information) + type: object + description: >- + Package policy inputs (see integration documentation to know what + inputs are available) + example: + nginx-logfile: + enabled: true + streams: + nginx.access: + enabled: true + vars: + ignore_older: 72h + paths: + - /var/log/nginx/access.log* + preserve_original_event: false + tags: + - nginx-access + type: object + name: + description: Package policy name (should be unique) + example: nginx-123 + type: string + namespace: + description: >- + The package policy namespace. Leave blank to inherit the agent + policy's namespace. + example: customnamespace + type: string + output_id: + description: Output ID to send package data to + example: output-id + nullable: true + type: string + overrides: + description: >- + Override settings that are defined in the package policy. The + override option should be used only in unusual circumstances and not + as a routine procedure. + nullable: true + type: object + properties: + inputs: + type: object + package: + type: object + properties: + name: + description: Package name + example: nginx + type: string + version: + description: Package version + example: 1.6.0 + type: string + required: + - name + - version + policy_id: + deprecated: true + description: Agent policy ID where that package policy will be added + example: agent-policy-id + nullable: true + type: string + policy_ids: + description: Agent policy IDs where that package policy will be added + example: + - agent-policy-id + items: + type: string + type: array + vars: + description: >- + Package root level variable (see integration documentation for more + information) + type: object + required: + - name + - package + Fleet_package_usage_stats: + title: Package usage stats + type: object + properties: + agent_policy_count: + type: integer + required: + - agent_policy_count + Fleet_proxies: + title: Fleet Proxy + type: object + properties: + certificate: + type: string + certificate_authorities: + type: string + certificate_key: + type: string + id: + type: string + name: + type: string + proxy_headers: + type: object + url: + type: string + required: + - name + - url + Fleet_saved_object_type: + oneOf: + - enum: + - dashboard + - visualization + - search + - index_pattern + - map + - lens + - security_rule + - csp_rule_template + - ml_module + - tag + - osquery_pack_asset + - osquery_saved_query + type: string + - enum: + - index + - component_template + - ingest_pipeline + - index_template + - ilm_policy + - transform + - data_stream_ilm_policy + - ml_model + type: string + title: Saved Object type + Fleet_search_result: + title: Search result + type: object + properties: + description: + type: string + download: + type: string + icons: + type: string + installationInfo: + $ref: '#/components/schemas/Fleet_installation_info' + name: + type: string + path: + type: string + savedObject: + deprecated: true + type: object + status: + type: string + title: + type: string + type: + type: string + version: + type: string + required: + - description + - download + - icons + - name + - path + - title + - type + - version + - status + Fleet_settings: + title: Settings + type: object + properties: + fleet_server_hosts: + deprecated: true + items: + type: string + type: array + has_seen_add_data_notice: + type: boolean + id: + type: string + prerelease_integrations_enabled: + type: boolean + required: + - fleet_server_hosts + - id + Fleet_upgrade_agent: + title: Upgrade agent + type: object + properties: + force: + description: Force upgrade, skipping validation (should be used with caution) + type: boolean + skipRateLimitCheck: + description: Skip rate limit check for upgrade + type: boolean + source_uri: + type: string + version: + type: string + required: + - version + Fleet_upgrade_agent_diff: + items: + items: + $ref: '#/components/schemas/Fleet_full_agent_policy_input' + type: array + title: Package policy Upgrade dryrun + type: array + Fleet_upgrade_diff: + items: + allOf: + - $ref: '#/components/schemas/Fleet_package_policy' + - allOf: + - $ref: '#/components/schemas/Fleet_new_package_policy' + - type: object + properties: + errors: + items: + type: object + properties: + key: + type: string + message: + type: string + type: array + missingVars: + items: + type: string + type: array + type: object + title: Package policy Upgrade dryrun + type: array + Kibana_HTTP_APIs_core_status_redactedResponse: + additionalProperties: false + description: A minimal representation of Kibana's operational status. + type: object + properties: + status: + additionalProperties: false + type: object + properties: + overall: + additionalProperties: false + type: object + properties: + level: + description: Service status levels as human and machine readable values. + enum: + - available + - degraded + - unavailable + - critical + type: string + required: + - level + required: + - overall + required: + - status + Kibana_HTTP_APIs_core_status_response: + additionalProperties: false + description: >- + Kibana's operational status as well as a detailed breakdown of plugin + statuses indication of various loads (like event loop utilization and + network traffic) at time of request. + type: object + properties: + metrics: + additionalProperties: false + description: Metric groups collected by Kibana. + type: object + properties: + collection_interval_in_millis: + description: The interval at which metrics should be collected. + type: number + elasticsearch_client: + additionalProperties: false + description: Current network metrics of Kibana's Elasticsearch client. + type: object + properties: + totalActiveSockets: + description: Count of network sockets currently in use. + type: number + totalIdleSockets: + description: Count of network sockets currently idle. + type: number + totalQueuedRequests: + description: Count of requests not yet assigned to sockets. + type: number + required: + - totalActiveSockets + - totalIdleSockets + - totalQueuedRequests + last_updated: + description: The time metrics were collected. + type: string + required: + - elasticsearch_client + - last_updated + - collection_interval_in_millis + name: + description: Kibana instance name. + type: string + status: + additionalProperties: false + type: object + properties: + core: + additionalProperties: false + description: Statuses of core Kibana services. + type: object + properties: + elasticsearch: + additionalProperties: false + type: object + properties: + detail: + description: Human readable detail of the service status. + type: string + documentationUrl: + description: A URL to further documentation regarding this service. + type: string + level: + description: >- + Service status levels as human and machine readable + values. + enum: + - available + - degraded + - unavailable + - critical + type: string + meta: + additionalProperties: {} + description: >- + An unstructured set of extra metadata about this + service. + type: object + summary: + description: A human readable summary of the service status. + type: string + required: + - level + - summary + - meta + savedObjects: + additionalProperties: false + type: object + properties: + detail: + description: Human readable detail of the service status. + type: string + documentationUrl: + description: A URL to further documentation regarding this service. + type: string + level: + description: >- + Service status levels as human and machine readable + values. + enum: + - available + - degraded + - unavailable + - critical + type: string + meta: + additionalProperties: {} + description: >- + An unstructured set of extra metadata about this + service. + type: object + summary: + description: A human readable summary of the service status. + type: string + required: + - level + - summary + - meta + required: + - elasticsearch + - savedObjects + overall: + additionalProperties: false + type: object + properties: + detail: + description: Human readable detail of the service status. + type: string + documentationUrl: + description: A URL to further documentation regarding this service. + type: string + level: + description: Service status levels as human and machine readable values. + enum: + - available + - degraded + - unavailable + - critical + type: string + meta: + additionalProperties: {} + description: An unstructured set of extra metadata about this service. + type: object + summary: + description: A human readable summary of the service status. + type: string + required: + - level + - summary + - meta + plugins: + additionalProperties: + additionalProperties: false + type: object + properties: + detail: + description: Human readable detail of the service status. + type: string + documentationUrl: + description: A URL to further documentation regarding this service. + type: string + level: + description: >- + Service status levels as human and machine readable + values. + enum: + - available + - degraded + - unavailable + - critical + type: string + meta: + additionalProperties: {} + description: An unstructured set of extra metadata about this service. + type: object + summary: + description: A human readable summary of the service status. + type: string + required: + - level + - summary + - meta + description: A dynamic mapping of plugin ID to plugin status. + type: object + required: + - overall + - core + - plugins + uuid: + description: >- + Unique, generated Kibana instance UUID. This UUID should persist + even if the Kibana process restarts. + type: string + version: + additionalProperties: false + type: object + properties: + build_date: + description: The date and time of this build. + type: string + build_flavor: + description: >- + The build flavour determines configuration and behavior of + Kibana. On premise users will almost always run the + "traditional" flavour, while other flavours are reserved for + Elastic-specific use cases. + enum: + - serverless + - traditional + type: string + build_hash: + description: >- + A unique hash value representing the git commit of this Kibana + build. + type: string + build_number: + description: >- + A monotonically increasing number, each subsequent build will + have a higher number. + type: number + build_snapshot: + description: Whether this build is a snapshot build. + type: boolean + number: + description: A semantic version number. + type: string + required: + - number + - build_hash + - build_number + - build_snapshot + - build_flavor + - build_date + required: + - name + - uuid + - version + - status + - metrics + Machine_learning_APIs_mlSync200Response: + properties: + datafeedsAdded: + additionalProperties: + $ref: '#/components/schemas/Machine_learning_APIs_mlSyncResponseDatafeeds' + description: >- + If a saved object for an anomaly detection job is missing a datafeed + identifier, it is added when you run the sync machine learning saved + objects API. + type: object + datafeedsRemoved: + additionalProperties: + $ref: '#/components/schemas/Machine_learning_APIs_mlSyncResponseDatafeeds' + description: >- + If a saved object for an anomaly detection job references a datafeed + that no longer exists, it is deleted when you run the sync machine + learning saved objects API. + type: object + savedObjectsCreated: + $ref: >- + #/components/schemas/Machine_learning_APIs_mlSyncResponseSavedObjectsCreated + savedObjectsDeleted: + $ref: >- + #/components/schemas/Machine_learning_APIs_mlSyncResponseSavedObjectsDeleted + title: Successful sync API response + type: object + Machine_learning_APIs_mlSync4xxResponse: + properties: + error: + example: Unauthorized + type: string + message: + type: string + statusCode: + example: 401 + type: integer + title: Unsuccessful sync API response + type: object + Machine_learning_APIs_mlSyncResponseAnomalyDetectors: + description: >- + The sync machine learning saved objects API response contains this + object when there are anomaly detection jobs affected by the + synchronization. There is an object for each relevant job, which + contains the synchronization status. + properties: + success: + $ref: '#/components/schemas/Machine_learning_APIs_mlSyncResponseSuccess' + title: Sync API response for anomaly detection jobs + type: object + Machine_learning_APIs_mlSyncResponseDatafeeds: + description: >- + The sync machine learning saved objects API response contains this + object when there are datafeeds affected by the synchronization. There + is an object for each relevant datafeed, which contains the + synchronization status. + properties: + success: + $ref: '#/components/schemas/Machine_learning_APIs_mlSyncResponseSuccess' + title: Sync API response for datafeeds + type: object + Machine_learning_APIs_mlSyncResponseDataFrameAnalytics: + description: >- + The sync machine learning saved objects API response contains this + object when there are data frame analytics jobs affected by the + synchronization. There is an object for each relevant job, which + contains the synchronization status. + properties: + success: + $ref: '#/components/schemas/Machine_learning_APIs_mlSyncResponseSuccess' + title: Sync API response for data frame analytics jobs + type: object + Machine_learning_APIs_mlSyncResponseSavedObjectsCreated: + description: >- + If saved objects are missing for machine learning jobs or trained + models, they are created when you run the sync machine learning saved + objects API. + properties: + anomaly-detector: + additionalProperties: + $ref: >- + #/components/schemas/Machine_learning_APIs_mlSyncResponseAnomalyDetectors + description: >- + If saved objects are missing for anomaly detection jobs, they are + created. + type: object + data-frame-analytics: + additionalProperties: + $ref: >- + #/components/schemas/Machine_learning_APIs_mlSyncResponseDataFrameAnalytics + description: >- + If saved objects are missing for data frame analytics jobs, they are + created. + type: object + trained-model: + additionalProperties: + $ref: >- + #/components/schemas/Machine_learning_APIs_mlSyncResponseTrainedModels + description: If saved objects are missing for trained models, they are created. + type: object + title: Sync API response for created saved objects + type: object + Machine_learning_APIs_mlSyncResponseSavedObjectsDeleted: + description: >- + If saved objects exist for machine learning jobs or trained models that + no longer exist, they are deleted when you run the sync machine learning + saved objects API. + properties: + anomaly-detector: + additionalProperties: + $ref: >- + #/components/schemas/Machine_learning_APIs_mlSyncResponseAnomalyDetectors + description: >- + If there are saved objects exist for nonexistent anomaly detection + jobs, they are deleted. + type: object + data-frame-analytics: + additionalProperties: + $ref: >- + #/components/schemas/Machine_learning_APIs_mlSyncResponseDataFrameAnalytics + description: >- + If there are saved objects exist for nonexistent data frame + analytics jobs, they are deleted. + type: object + trained-model: + additionalProperties: + $ref: >- + #/components/schemas/Machine_learning_APIs_mlSyncResponseTrainedModels + description: >- + If there are saved objects exist for nonexistent trained models, + they are deleted. + type: object + title: Sync API response for deleted saved objects + type: object + Machine_learning_APIs_mlSyncResponseSuccess: + description: The success or failure of the synchronization. + type: boolean + Machine_learning_APIs_mlSyncResponseTrainedModels: + description: >- + The sync machine learning saved objects API response contains this + object when there are trained models affected by the synchronization. + There is an object for each relevant trained model, which contains the + synchronization status. + properties: + success: + $ref: '#/components/schemas/Machine_learning_APIs_mlSyncResponseSuccess' + title: Sync API response for trained models + type: object + Security_AI_Assistant_API_AnonymizationFieldCreateProps: + type: object + properties: + allowed: + type: boolean + anonymized: + type: boolean + field: + type: string + required: + - field + Security_AI_Assistant_API_AnonymizationFieldDetailsInError: + type: object + properties: + id: + type: string + name: + type: string + required: + - id + Security_AI_Assistant_API_AnonymizationFieldResponse: + type: object + properties: + allowed: + type: boolean + anonymized: + type: boolean + createdAt: + type: string + createdBy: + type: string + field: + type: string + id: + $ref: '#/components/schemas/Security_AI_Assistant_API_NonEmptyString' + namespace: + description: Kibana space + type: string + timestamp: + $ref: '#/components/schemas/Security_AI_Assistant_API_NonEmptyString' + updatedAt: + type: string + updatedBy: + type: string + required: + - id + - field + Security_AI_Assistant_API_AnonymizationFieldsBulkActionSkipReason: + enum: + - ANONYMIZATION_FIELD_NOT_MODIFIED + type: string + Security_AI_Assistant_API_AnonymizationFieldsBulkActionSkipResult: + type: object + properties: + id: + type: string + name: + type: string + skip_reason: + $ref: >- + #/components/schemas/Security_AI_Assistant_API_AnonymizationFieldsBulkActionSkipReason + required: + - id + - skip_reason + Security_AI_Assistant_API_AnonymizationFieldsBulkCrudActionResponse: + type: object + properties: + anonymization_fields_count: + type: integer + attributes: + type: object + properties: + errors: + items: + $ref: >- + #/components/schemas/Security_AI_Assistant_API_NormalizedAnonymizationFieldError + type: array + results: + $ref: >- + #/components/schemas/Security_AI_Assistant_API_AnonymizationFieldsBulkCrudActionResults + summary: + $ref: >- + #/components/schemas/Security_AI_Assistant_API_BulkCrudActionSummary + required: + - results + - summary + message: + type: string + status_code: + type: integer + success: + type: boolean + required: + - attributes + Security_AI_Assistant_API_AnonymizationFieldsBulkCrudActionResults: + type: object + properties: + created: + items: + $ref: >- + #/components/schemas/Security_AI_Assistant_API_AnonymizationFieldResponse + type: array + deleted: + items: + type: string + type: array + skipped: + items: + $ref: >- + #/components/schemas/Security_AI_Assistant_API_AnonymizationFieldsBulkActionSkipResult + type: array + updated: + items: + $ref: >- + #/components/schemas/Security_AI_Assistant_API_AnonymizationFieldResponse + type: array + required: + - updated + - created + - deleted + - skipped + Security_AI_Assistant_API_AnonymizationFieldUpdateProps: + type: object + properties: + allowed: + type: boolean + anonymized: + type: boolean + id: + type: string + required: + - id + Security_AI_Assistant_API_ApiConfig: + type: object + properties: + actionTypeId: + description: action type id + type: string + connectorId: + description: connector id + type: string + defaultSystemPromptId: + description: defaultSystemPromptId + type: string + model: + description: model + type: string + provider: + $ref: '#/components/schemas/Security_AI_Assistant_API_Provider' + description: Provider + required: + - connectorId + - actionTypeId + Security_AI_Assistant_API_BulkCrudActionSummary: + type: object + properties: + failed: + type: integer + skipped: + type: integer + succeeded: + type: integer + total: + type: integer + required: + - failed + - skipped + - succeeded + - total + Security_AI_Assistant_API_ChatCompleteProps: + type: object + properties: + connectorId: + type: string + conversationId: + type: string + isStream: + type: boolean + langSmithApiKey: + type: string + langSmithProject: + type: string + messages: + items: + $ref: '#/components/schemas/Security_AI_Assistant_API_ChatMessage' + type: array + model: + type: string + persist: + type: boolean + promptId: + type: string + responseLanguage: + type: string + required: + - messages + - persist + - connectorId + Security_AI_Assistant_API_ChatMessage: + description: AI assistant message. + type: object + properties: + content: + description: Message content. + type: string + data: + $ref: '#/components/schemas/Security_AI_Assistant_API_MessageData' + description: ECS object to attach to the context of the message. + fields_to_anonymize: + items: + type: string + type: array + role: + $ref: '#/components/schemas/Security_AI_Assistant_API_ChatMessageRole' + description: Message role. + required: + - role + Security_AI_Assistant_API_ChatMessageRole: + description: Message role. + enum: + - system + - user + - assistant + type: string + Security_AI_Assistant_API_ConversationCategory: + description: The conversation category. + enum: + - assistant + - insights + type: string + Security_AI_Assistant_API_ConversationConfidence: + description: The conversation confidence. + enum: + - low + - medium + - high + type: string + Security_AI_Assistant_API_ConversationCreateProps: + type: object + properties: + apiConfig: + $ref: '#/components/schemas/Security_AI_Assistant_API_ApiConfig' + description: LLM API configuration. + category: + $ref: '#/components/schemas/Security_AI_Assistant_API_ConversationCategory' + description: The conversation category. + excludeFromLastConversationStorage: + description: excludeFromLastConversationStorage. + type: boolean + id: + description: The conversation id. + type: string + isDefault: + description: Is default conversation. + type: boolean + messages: + description: The conversation messages. + items: + $ref: '#/components/schemas/Security_AI_Assistant_API_Message' + type: array + replacements: + $ref: '#/components/schemas/Security_AI_Assistant_API_Replacements' + title: + description: The conversation title. + type: string + required: + - title + Security_AI_Assistant_API_ConversationResponse: + type: object + properties: + apiConfig: + $ref: '#/components/schemas/Security_AI_Assistant_API_ApiConfig' + description: LLM API configuration. + category: + $ref: '#/components/schemas/Security_AI_Assistant_API_ConversationCategory' + description: The conversation category. + createdAt: + description: The last time conversation was updated. + type: string + excludeFromLastConversationStorage: + description: excludeFromLastConversationStorage. + type: boolean + id: + $ref: '#/components/schemas/Security_AI_Assistant_API_NonEmptyString' + isDefault: + description: Is default conversation. + type: boolean + messages: + description: The conversation messages. + items: + $ref: '#/components/schemas/Security_AI_Assistant_API_Message' + type: array + namespace: + description: Kibana space + type: string + replacements: + $ref: '#/components/schemas/Security_AI_Assistant_API_Replacements' + summary: + $ref: '#/components/schemas/Security_AI_Assistant_API_ConversationSummary' + timestamp: + $ref: '#/components/schemas/Security_AI_Assistant_API_NonEmptyString' + title: + description: The conversation title. + type: string + updatedAt: + description: The last time conversation was updated. + type: string + users: + items: + $ref: '#/components/schemas/Security_AI_Assistant_API_User' + type: array + required: + - id + - title + - createdAt + - users + - namespace + - category + Security_AI_Assistant_API_ConversationSummary: + type: object + properties: + confidence: + $ref: >- + #/components/schemas/Security_AI_Assistant_API_ConversationConfidence + description: >- + How confident you are about this being a correct and useful + learning. + content: + description: Summary text of the conversation over time. + type: string + public: + description: Define if summary is marked as publicly available. + type: boolean + timestamp: + $ref: '#/components/schemas/Security_AI_Assistant_API_NonEmptyString' + description: The timestamp summary was updated. + Security_AI_Assistant_API_ConversationUpdateProps: + type: object + properties: + apiConfig: + $ref: '#/components/schemas/Security_AI_Assistant_API_ApiConfig' + description: LLM API configuration. + category: + $ref: '#/components/schemas/Security_AI_Assistant_API_ConversationCategory' + description: The conversation category. + excludeFromLastConversationStorage: + description: excludeFromLastConversationStorage. + type: boolean + id: + $ref: '#/components/schemas/Security_AI_Assistant_API_NonEmptyString' + messages: + description: The conversation messages. + items: + $ref: '#/components/schemas/Security_AI_Assistant_API_Message' + type: array + replacements: + $ref: '#/components/schemas/Security_AI_Assistant_API_Replacements' + summary: + $ref: '#/components/schemas/Security_AI_Assistant_API_ConversationSummary' + title: + description: The conversation title. + type: string + required: + - id + Security_AI_Assistant_API_FindAnonymizationFieldsSortField: + enum: + - created_at + - anonymized + - allowed + - field + - updated_at + type: string + Security_AI_Assistant_API_FindConversationsSortField: + enum: + - created_at + - is_default + - title + - updated_at + type: string + Security_AI_Assistant_API_FindPromptsSortField: + enum: + - created_at + - is_default + - name + - updated_at + type: string + Security_AI_Assistant_API_Message: + description: AI assistant conversation message. + type: object + properties: + content: + description: Message content. + type: string + isError: + description: Is error message. + type: boolean + reader: + $ref: '#/components/schemas/Security_AI_Assistant_API_Reader' + description: Message content. + role: + $ref: '#/components/schemas/Security_AI_Assistant_API_MessageRole' + description: Message role. + timestamp: + $ref: '#/components/schemas/Security_AI_Assistant_API_NonEmptyString' + description: The timestamp message was sent or received. + traceData: + $ref: '#/components/schemas/Security_AI_Assistant_API_TraceData' + description: trace Data + required: + - timestamp + - content + - role + Security_AI_Assistant_API_MessageData: + additionalProperties: true + type: object + Security_AI_Assistant_API_MessageRole: + description: Message role. + enum: + - system + - user + - assistant + type: string + Security_AI_Assistant_API_NonEmptyString: + description: A string that is not empty and does not contain only whitespace + minLength: 1 + pattern: ^(?! *$).+$ + type: string + Security_AI_Assistant_API_NormalizedAnonymizationFieldError: + type: object + properties: + anonymization_fields: + items: + $ref: >- + #/components/schemas/Security_AI_Assistant_API_AnonymizationFieldDetailsInError + type: array + err_code: + type: string + message: + type: string + status_code: + type: integer + required: + - message + - status_code + - anonymization_fields + Security_AI_Assistant_API_NormalizedPromptError: + type: object + properties: + err_code: + type: string + message: + type: string + prompts: + items: + $ref: >- + #/components/schemas/Security_AI_Assistant_API_PromptDetailsInError + type: array + status_code: + type: integer + required: + - message + - status_code + - prompts + Security_AI_Assistant_API_PromptCreateProps: + type: object + properties: + categories: + items: + type: string + type: array + color: + type: string + consumer: + type: string + content: + type: string + isDefault: + type: boolean + isNewConversationDefault: + type: boolean + name: + type: string + promptType: + $ref: '#/components/schemas/Security_AI_Assistant_API_PromptType' + required: + - name + - content + - promptType + Security_AI_Assistant_API_PromptDetailsInError: + type: object + properties: + id: + type: string + name: + type: string + required: + - id + Security_AI_Assistant_API_PromptResponse: + type: object + properties: + categories: + items: + type: string + type: array + color: + type: string + consumer: + type: string + content: + type: string + createdAt: + type: string + createdBy: + type: string + id: + $ref: '#/components/schemas/Security_AI_Assistant_API_NonEmptyString' + isDefault: + type: boolean + isNewConversationDefault: + type: boolean + name: + type: string + namespace: + description: Kibana space + type: string + promptType: + $ref: '#/components/schemas/Security_AI_Assistant_API_PromptType' + timestamp: + $ref: '#/components/schemas/Security_AI_Assistant_API_NonEmptyString' + updatedAt: + type: string + updatedBy: + type: string + users: + items: + $ref: '#/components/schemas/Security_AI_Assistant_API_User' + type: array + required: + - id + - name + - promptType + - content + Security_AI_Assistant_API_PromptsBulkActionSkipReason: + enum: + - PROMPT_FIELD_NOT_MODIFIED + type: string + Security_AI_Assistant_API_PromptsBulkActionSkipResult: + type: object + properties: + id: + type: string + name: + type: string + skip_reason: + $ref: >- + #/components/schemas/Security_AI_Assistant_API_PromptsBulkActionSkipReason + required: + - id + - skip_reason + Security_AI_Assistant_API_PromptsBulkCrudActionResponse: + type: object + properties: + attributes: + type: object + properties: + errors: + items: + $ref: >- + #/components/schemas/Security_AI_Assistant_API_NormalizedPromptError + type: array + results: + $ref: >- + #/components/schemas/Security_AI_Assistant_API_PromptsBulkCrudActionResults + summary: + $ref: >- + #/components/schemas/Security_AI_Assistant_API_BulkCrudActionSummary + required: + - results + - summary + message: + type: string + prompts_count: + type: integer + status_code: + type: integer + success: + type: boolean + required: + - attributes + Security_AI_Assistant_API_PromptsBulkCrudActionResults: + type: object + properties: + created: + items: + $ref: '#/components/schemas/Security_AI_Assistant_API_PromptResponse' + type: array + deleted: + items: + type: string + type: array + skipped: + items: + $ref: >- + #/components/schemas/Security_AI_Assistant_API_PromptsBulkActionSkipResult + type: array + updated: + items: + $ref: '#/components/schemas/Security_AI_Assistant_API_PromptResponse' + type: array + required: + - updated + - created + - deleted + - skipped + Security_AI_Assistant_API_PromptType: + description: Prompt type + enum: + - system + - quick + type: string + Security_AI_Assistant_API_PromptUpdateProps: + type: object + properties: + categories: + items: + type: string + type: array + color: + type: string + consumer: + type: string + content: + type: string + id: + type: string + isDefault: + type: boolean + isNewConversationDefault: + type: boolean + required: + - id + Security_AI_Assistant_API_Provider: + description: Provider + enum: + - OpenAI + - Azure OpenAI + type: string + Security_AI_Assistant_API_Reader: + additionalProperties: true + type: object + Security_AI_Assistant_API_Replacements: + additionalProperties: + type: string + description: Replacements object used to anonymize/deanomymize messsages + type: object + Security_AI_Assistant_API_SortOrder: + enum: + - asc + - desc + type: string + Security_AI_Assistant_API_TraceData: + description: trace Data + type: object + properties: + traceId: + description: Could be any string, not necessarily a UUID + type: string + transactionId: + description: Could be any string, not necessarily a UUID + type: string + Security_AI_Assistant_API_User: + description: Could be any string, not necessarily a UUID + type: object + properties: + id: + description: User id + type: string + name: + description: User name + type: string + Security_Solution_Detections_API_AlertAssignees: + type: object + properties: + add: + description: A list of users ids to assign. + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_NonEmptyString + type: array + remove: + description: A list of users ids to unassign. + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_NonEmptyString + type: array + required: + - add + - remove + Security_Solution_Detections_API_AlertIds: + description: A list of alerts ids. + items: + $ref: '#/components/schemas/Security_Solution_Detections_API_NonEmptyString' + minItems: 1 + type: array + Security_Solution_Detections_API_AlertsIndex: + deprecated: true + description: (deprecated) Has no effect. + type: string + Security_Solution_Detections_API_AlertsIndexNamespace: + description: Has no effect. + type: string + Security_Solution_Detections_API_AlertsSort: + oneOf: + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertsSortCombinations + - items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertsSortCombinations + type: array + Security_Solution_Detections_API_AlertsSortCombinations: + anyOf: + - type: string + - additionalProperties: true + type: object + Security_Solution_Detections_API_AlertStatus: + enum: + - open + - closed + - acknowledged + - in-progress + type: string + Security_Solution_Detections_API_AlertSuppression: + type: object + properties: + duration: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertSuppressionDuration + group_by: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertSuppressionGroupBy + missing_fields_strategy: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertSuppressionMissingFieldsStrategy + required: + - group_by + Security_Solution_Detections_API_AlertSuppressionDuration: + type: object + properties: + unit: + enum: + - s + - m + - h + type: string + value: + minimum: 1 + type: integer + required: + - value + - unit + Security_Solution_Detections_API_AlertSuppressionGroupBy: + items: + type: string + maxItems: 3 + minItems: 1 + type: array + Security_Solution_Detections_API_AlertSuppressionMissingFieldsStrategy: + description: >- + Describes how alerts will be generated for documents with missing + suppress by fields: + + doNotSuppress - per each document a separate alert will be created + + suppress - only alert will be created per suppress by bucket + enum: + - doNotSuppress + - suppress + type: string + Security_Solution_Detections_API_AlertTag: + $ref: '#/components/schemas/Security_Solution_Detections_API_NonEmptyString' + Security_Solution_Detections_API_AlertTags: + items: + $ref: '#/components/schemas/Security_Solution_Detections_API_AlertTag' + type: array + Security_Solution_Detections_API_AnomalyThreshold: + description: Anomaly threshold + minimum: 0 + type: integer + Security_Solution_Detections_API_BuildingBlockType: + description: >- + Determines if the rule acts as a building block. By default, + building-block alerts are not displayed in the UI. These rules are used + as a foundation for other rules that do generate alerts. Its value must + be default. + type: string + Security_Solution_Detections_API_BulkActionEditPayload: + anyOf: + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_BulkActionEditPayloadTags + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_BulkActionEditPayloadIndexPatterns + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_BulkActionEditPayloadInvestigationFields + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_BulkActionEditPayloadTimeline + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_BulkActionEditPayloadRuleActions + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_BulkActionEditPayloadSchedule + Security_Solution_Detections_API_BulkActionEditPayloadIndexPatterns: + type: object + properties: + overwrite_data_views: + type: boolean + type: + enum: + - add_index_patterns + - delete_index_patterns + - set_index_patterns + type: string + value: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_IndexPatternArray + required: + - type + - value + Security_Solution_Detections_API_BulkActionEditPayloadInvestigationFields: + type: object + properties: + type: + enum: + - add_investigation_fields + - delete_investigation_fields + - set_investigation_fields + type: string + value: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_InvestigationFields + required: + - type + - value + Security_Solution_Detections_API_BulkActionEditPayloadRuleActions: + type: object + properties: + type: + enum: + - add_rule_actions + - set_rule_actions + type: string + value: + type: object + properties: + actions: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_NormalizedRuleAction + type: array + throttle: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_ThrottleForBulkActions + required: + - actions + required: + - type + - value + Security_Solution_Detections_API_BulkActionEditPayloadSchedule: + type: object + properties: + type: + enum: + - set_schedule + type: string + value: + type: object + properties: + interval: + description: >- + Interval in which the rule runs. For example, `"1h"` means the + rule runs every hour. + example: 1h + pattern: ^[1-9]\d*[smh]$ + type: string + lookback: + description: Lookback time for the rule + example: 1h + pattern: ^[1-9]\d*[smh]$ + type: string + required: + - interval + - lookback + required: + - type + - value + Security_Solution_Detections_API_BulkActionEditPayloadTags: + type: object + properties: + type: + enum: + - add_tags + - delete_tags + - set_tags + type: string + value: + $ref: '#/components/schemas/Security_Solution_Detections_API_RuleTagArray' + required: + - type + - value + Security_Solution_Detections_API_BulkActionEditPayloadTimeline: + type: object + properties: + type: + enum: + - set_timeline + type: string + value: + type: object + properties: + timeline_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimelineTemplateId + timeline_title: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimelineTemplateTitle + required: + - timeline_id + - timeline_title + required: + - type + - value + Security_Solution_Detections_API_BulkActionsDryRunErrCode: + enum: + - IMMUTABLE + - MACHINE_LEARNING_AUTH + - MACHINE_LEARNING_INDEX_PATTERN + - ESQL_INDEX_PATTERN + - MANUAL_RULE_RUN_FEATURE + - MANUAL_RULE_RUN_DISABLED_RULE + type: string + Security_Solution_Detections_API_BulkActionSkipResult: + type: object + properties: + id: + type: string + name: + type: string + skip_reason: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_BulkEditSkipReason + required: + - id + - skip_reason + Security_Solution_Detections_API_BulkDeleteRules: + type: object + properties: + action: + enum: + - delete + type: string + ids: + description: Array of rule IDs + items: + type: string + minItems: 1 + type: array + query: + description: Query to filter rules + type: string + required: + - action + Security_Solution_Detections_API_BulkDisableRules: + type: object + properties: + action: + enum: + - disable + type: string + ids: + description: Array of rule IDs + items: + type: string + minItems: 1 + type: array + query: + description: Query to filter rules + type: string + required: + - action + Security_Solution_Detections_API_BulkDuplicateRules: + type: object + properties: + action: + enum: + - duplicate + type: string + duplicate: + type: object + properties: + include_exceptions: + description: Whether to copy exceptions from the original rule + type: boolean + include_expired_exceptions: + description: Whether to copy expired exceptions from the original rule + type: boolean + required: + - include_exceptions + - include_expired_exceptions + ids: + description: Array of rule IDs + items: + type: string + minItems: 1 + type: array + query: + description: Query to filter rules + type: string + required: + - action + Security_Solution_Detections_API_BulkEditActionResponse: + type: object + properties: + attributes: + type: object + properties: + errors: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_NormalizedRuleError + type: array + results: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_BulkEditActionResults + summary: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_BulkEditActionSummary + required: + - results + - summary + message: + type: string + rules_count: + type: integer + status_code: + type: integer + success: + type: boolean + required: + - attributes + Security_Solution_Detections_API_BulkEditActionResults: + type: object + properties: + created: + items: + $ref: '#/components/schemas/Security_Solution_Detections_API_RuleResponse' + type: array + deleted: + items: + $ref: '#/components/schemas/Security_Solution_Detections_API_RuleResponse' + type: array + skipped: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_BulkActionSkipResult + type: array + updated: + items: + $ref: '#/components/schemas/Security_Solution_Detections_API_RuleResponse' + type: array + required: + - updated + - created + - deleted + - skipped + Security_Solution_Detections_API_BulkEditActionSummary: + type: object + properties: + failed: + type: integer + skipped: + type: integer + succeeded: + type: integer + total: + type: integer + required: + - failed + - skipped + - succeeded + - total + Security_Solution_Detections_API_BulkEditRules: + type: object + properties: + action: + enum: + - edit + type: string + edit: + description: Array of objects containing the edit operations + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_BulkActionEditPayload + minItems: 1 + type: array + ids: + description: Array of rule IDs + items: + type: string + minItems: 1 + type: array + query: + description: Query to filter rules + type: string + required: + - action + - edit + Security_Solution_Detections_API_BulkEditSkipReason: + enum: + - RULE_NOT_MODIFIED + type: string + Security_Solution_Detections_API_BulkEnableRules: + type: object + properties: + action: + enum: + - enable + type: string + ids: + description: Array of rule IDs + items: + type: string + minItems: 1 + type: array + query: + description: Query to filter rules + type: string + required: + - action + Security_Solution_Detections_API_BulkExportActionResponse: + type: string + Security_Solution_Detections_API_BulkExportRules: + type: object + properties: + action: + enum: + - export + type: string + ids: + description: Array of rule IDs + items: + type: string + minItems: 1 + type: array + query: + description: Query to filter rules + type: string + required: + - action + Security_Solution_Detections_API_BulkManualRuleRun: + type: object + properties: + action: + enum: + - run + type: string + ids: + description: Array of rule IDs + items: + type: string + minItems: 1 + type: array + query: + description: Query to filter rules + type: string + run: + type: object + properties: + end_date: + description: End date of the manual rule run + type: string + start_date: + description: Start date of the manual rule run + type: string + required: + - start_date + required: + - action + - run + Security_Solution_Detections_API_ConcurrentSearches: + minimum: 1 + type: integer + Security_Solution_Detections_API_DataViewId: + type: string + Security_Solution_Detections_API_DefaultParams: + type: object + properties: + command: + enum: + - isolate + type: string + comment: + type: string + required: + - command + Security_Solution_Detections_API_EcsMapping: + additionalProperties: + type: object + properties: + field: + type: string + value: + oneOf: + - type: string + - items: + type: string + type: array + type: object + Security_Solution_Detections_API_EndpointResponseAction: + type: object + properties: + action_type_id: + enum: + - .endpoint + type: string + params: + oneOf: + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_DefaultParams + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_ProcessesParams + required: + - action_type_id + - params + Security_Solution_Detections_API_EqlOptionalFields: + type: object + properties: + alert_suppression: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertSuppression + data_view_id: + $ref: '#/components/schemas/Security_Solution_Detections_API_DataViewId' + event_category_override: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_EventCategoryOverride + filters: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleFilterArray + index: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_IndexPatternArray + response_actions: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_ResponseAction + type: array + tiebreaker_field: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TiebreakerField + timestamp_field: + $ref: '#/components/schemas/Security_Solution_Detections_API_TimestampField' + Security_Solution_Detections_API_EqlQueryLanguage: + enum: + - eql + type: string + Security_Solution_Detections_API_EqlRequiredFields: + type: object + properties: + language: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_EqlQueryLanguage + description: Query language to use + query: + $ref: '#/components/schemas/Security_Solution_Detections_API_RuleQuery' + description: EQL query to execute + type: + description: Rule type + enum: + - eql + type: string + required: + - type + - query + - language + Security_Solution_Detections_API_EqlRule: + allOf: + - type: object + properties: + actions: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleAction + type: array + alias_purpose: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveAliasPurpose + alias_target_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveAliasTargetId + author: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleAuthorArray + building_block_type: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_BuildingBlockType + description: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleDescription + enabled: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_IsRuleEnabled + exceptions_list: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleExceptionList + type: array + false_positives: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleFalsePositiveArray + from: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleIntervalFrom + interval: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleInterval + investigation_fields: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_InvestigationFields + license: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleLicense + max_signals: + $ref: '#/components/schemas/Security_Solution_Detections_API_MaxSignals' + meta: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleMetadata + name: + $ref: '#/components/schemas/Security_Solution_Detections_API_RuleName' + namespace: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertsIndexNamespace + note: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_InvestigationGuide + outcome: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveOutcome + output_index: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertsIndex + references: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleReferenceArray + related_integrations: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RelatedIntegrationArray + required_fields: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RequiredFieldInput + type: array + risk_score: + $ref: '#/components/schemas/Security_Solution_Detections_API_RiskScore' + risk_score_mapping: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RiskScoreMapping + rule_name_override: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleNameOverride + setup: + $ref: '#/components/schemas/Security_Solution_Detections_API_SetupGuide' + severity: + $ref: '#/components/schemas/Security_Solution_Detections_API_Severity' + severity_mapping: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SeverityMapping + tags: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleTagArray + threat: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_ThreatArray + throttle: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleActionThrottle + timeline_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimelineTemplateId + timeline_title: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimelineTemplateTitle + timestamp_override: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimestampOverride + timestamp_override_fallback_disabled: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimestampOverrideFallbackDisabled + to: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleIntervalTo + version: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleVersion + required: + - name + - description + - risk_score + - severity + - version + - tags + - enabled + - risk_score_mapping + - severity_mapping + - interval + - from + - to + - actions + - exceptions_list + - author + - false_positives + - references + - max_signals + - threat + - setup + - related_integrations + - required_fields + - $ref: '#/components/schemas/Security_Solution_Detections_API_ResponseFields' + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_EqlRuleResponseFields + Security_Solution_Detections_API_EqlRuleCreateFields: + allOf: + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_EqlRequiredFields + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_EqlOptionalFields + Security_Solution_Detections_API_EqlRuleCreateProps: + allOf: + - type: object + properties: + actions: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleAction + type: array + alias_purpose: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveAliasPurpose + alias_target_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveAliasTargetId + author: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleAuthorArray + building_block_type: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_BuildingBlockType + description: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleDescription + enabled: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_IsRuleEnabled + exceptions_list: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleExceptionList + type: array + false_positives: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleFalsePositiveArray + from: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleIntervalFrom + interval: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleInterval + investigation_fields: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_InvestigationFields + license: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleLicense + max_signals: + $ref: '#/components/schemas/Security_Solution_Detections_API_MaxSignals' + meta: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleMetadata + name: + $ref: '#/components/schemas/Security_Solution_Detections_API_RuleName' + namespace: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertsIndexNamespace + note: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_InvestigationGuide + outcome: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveOutcome + output_index: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertsIndex + references: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleReferenceArray + related_integrations: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RelatedIntegrationArray + required_fields: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RequiredFieldInput + type: array + risk_score: + $ref: '#/components/schemas/Security_Solution_Detections_API_RiskScore' + risk_score_mapping: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RiskScoreMapping + rule_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleSignatureId + rule_name_override: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleNameOverride + setup: + $ref: '#/components/schemas/Security_Solution_Detections_API_SetupGuide' + severity: + $ref: '#/components/schemas/Security_Solution_Detections_API_Severity' + severity_mapping: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SeverityMapping + tags: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleTagArray + threat: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_ThreatArray + throttle: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleActionThrottle + timeline_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimelineTemplateId + timeline_title: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimelineTemplateTitle + timestamp_override: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimestampOverride + timestamp_override_fallback_disabled: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimestampOverrideFallbackDisabled + to: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleIntervalTo + version: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleVersion + required: + - name + - description + - risk_score + - severity + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_EqlRuleCreateFields + Security_Solution_Detections_API_EqlRulePatchFields: + allOf: + - type: object + properties: + language: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_EqlQueryLanguage + description: Query language to use + query: + $ref: '#/components/schemas/Security_Solution_Detections_API_RuleQuery' + description: EQL query to execute + type: + description: Rule type + enum: + - eql + type: string + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_EqlOptionalFields + Security_Solution_Detections_API_EqlRulePatchProps: + allOf: + - type: object + properties: + actions: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleAction + type: array + alias_purpose: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveAliasPurpose + alias_target_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveAliasTargetId + author: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleAuthorArray + building_block_type: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_BuildingBlockType + description: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleDescription + enabled: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_IsRuleEnabled + exceptions_list: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleExceptionList + type: array + false_positives: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleFalsePositiveArray + from: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleIntervalFrom + id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleObjectId + interval: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleInterval + investigation_fields: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_InvestigationFields + license: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleLicense + max_signals: + $ref: '#/components/schemas/Security_Solution_Detections_API_MaxSignals' + meta: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleMetadata + name: + $ref: '#/components/schemas/Security_Solution_Detections_API_RuleName' + namespace: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertsIndexNamespace + note: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_InvestigationGuide + outcome: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveOutcome + output_index: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertsIndex + references: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleReferenceArray + related_integrations: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RelatedIntegrationArray + required_fields: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RequiredFieldInput + type: array + risk_score: + $ref: '#/components/schemas/Security_Solution_Detections_API_RiskScore' + risk_score_mapping: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RiskScoreMapping + rule_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleSignatureId + rule_name_override: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleNameOverride + setup: + $ref: '#/components/schemas/Security_Solution_Detections_API_SetupGuide' + severity: + $ref: '#/components/schemas/Security_Solution_Detections_API_Severity' + severity_mapping: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SeverityMapping + tags: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleTagArray + threat: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_ThreatArray + throttle: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleActionThrottle + timeline_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimelineTemplateId + timeline_title: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimelineTemplateTitle + timestamp_override: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimestampOverride + timestamp_override_fallback_disabled: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimestampOverrideFallbackDisabled + to: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleIntervalTo + version: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleVersion + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_EqlRulePatchFields + Security_Solution_Detections_API_EqlRuleResponseFields: + allOf: + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_EqlRequiredFields + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_EqlOptionalFields + Security_Solution_Detections_API_EqlRuleUpdateProps: + allOf: + - type: object + properties: + actions: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleAction + type: array + alias_purpose: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveAliasPurpose + alias_target_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveAliasTargetId + author: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleAuthorArray + building_block_type: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_BuildingBlockType + description: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleDescription + enabled: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_IsRuleEnabled + exceptions_list: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleExceptionList + type: array + false_positives: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleFalsePositiveArray + from: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleIntervalFrom + id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleObjectId + interval: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleInterval + investigation_fields: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_InvestigationFields + license: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleLicense + max_signals: + $ref: '#/components/schemas/Security_Solution_Detections_API_MaxSignals' + meta: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleMetadata + name: + $ref: '#/components/schemas/Security_Solution_Detections_API_RuleName' + namespace: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertsIndexNamespace + note: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_InvestigationGuide + outcome: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveOutcome + output_index: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertsIndex + references: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleReferenceArray + related_integrations: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RelatedIntegrationArray + required_fields: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RequiredFieldInput + type: array + risk_score: + $ref: '#/components/schemas/Security_Solution_Detections_API_RiskScore' + risk_score_mapping: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RiskScoreMapping + rule_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleSignatureId + rule_name_override: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleNameOverride + setup: + $ref: '#/components/schemas/Security_Solution_Detections_API_SetupGuide' + severity: + $ref: '#/components/schemas/Security_Solution_Detections_API_Severity' + severity_mapping: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SeverityMapping + tags: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleTagArray + threat: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_ThreatArray + throttle: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleActionThrottle + timeline_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimelineTemplateId + timeline_title: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimelineTemplateTitle + timestamp_override: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimestampOverride + timestamp_override_fallback_disabled: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimestampOverrideFallbackDisabled + to: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleIntervalTo + version: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleVersion + required: + - name + - description + - risk_score + - severity + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_EqlRuleCreateFields + Security_Solution_Detections_API_ErrorSchema: + additionalProperties: false + type: object + properties: + error: + type: object + properties: + message: + type: string + status_code: + minimum: 400 + type: integer + required: + - status_code + - message + id: + type: string + item_id: + minLength: 1 + type: string + list_id: + minLength: 1 + type: string + rule_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleSignatureId + required: + - error + Security_Solution_Detections_API_EsqlQueryLanguage: + enum: + - esql + type: string + Security_Solution_Detections_API_EsqlRule: + allOf: + - type: object + properties: + actions: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleAction + type: array + alias_purpose: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveAliasPurpose + alias_target_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveAliasTargetId + author: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleAuthorArray + building_block_type: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_BuildingBlockType + description: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleDescription + enabled: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_IsRuleEnabled + exceptions_list: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleExceptionList + type: array + false_positives: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleFalsePositiveArray + from: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleIntervalFrom + interval: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleInterval + investigation_fields: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_InvestigationFields + license: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleLicense + max_signals: + $ref: '#/components/schemas/Security_Solution_Detections_API_MaxSignals' + meta: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleMetadata + name: + $ref: '#/components/schemas/Security_Solution_Detections_API_RuleName' + namespace: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertsIndexNamespace + note: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_InvestigationGuide + outcome: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveOutcome + output_index: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertsIndex + references: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleReferenceArray + related_integrations: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RelatedIntegrationArray + required_fields: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RequiredFieldInput + type: array + risk_score: + $ref: '#/components/schemas/Security_Solution_Detections_API_RiskScore' + risk_score_mapping: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RiskScoreMapping + rule_name_override: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleNameOverride + setup: + $ref: '#/components/schemas/Security_Solution_Detections_API_SetupGuide' + severity: + $ref: '#/components/schemas/Security_Solution_Detections_API_Severity' + severity_mapping: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SeverityMapping + tags: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleTagArray + threat: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_ThreatArray + throttle: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleActionThrottle + timeline_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimelineTemplateId + timeline_title: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimelineTemplateTitle + timestamp_override: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimestampOverride + timestamp_override_fallback_disabled: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimestampOverrideFallbackDisabled + to: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleIntervalTo + version: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleVersion + required: + - name + - description + - risk_score + - severity + - version + - tags + - enabled + - risk_score_mapping + - severity_mapping + - interval + - from + - to + - actions + - exceptions_list + - author + - false_positives + - references + - max_signals + - threat + - setup + - related_integrations + - required_fields + - $ref: '#/components/schemas/Security_Solution_Detections_API_ResponseFields' + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_EsqlRuleResponseFields + Security_Solution_Detections_API_EsqlRuleCreateFields: + allOf: + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_EsqlRuleOptionalFields + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_EsqlRuleRequiredFields + Security_Solution_Detections_API_EsqlRuleCreateProps: + allOf: + - type: object + properties: + actions: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleAction + type: array + alias_purpose: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveAliasPurpose + alias_target_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveAliasTargetId + author: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleAuthorArray + building_block_type: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_BuildingBlockType + description: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleDescription + enabled: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_IsRuleEnabled + exceptions_list: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleExceptionList + type: array + false_positives: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleFalsePositiveArray + from: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleIntervalFrom + interval: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleInterval + investigation_fields: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_InvestigationFields + license: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleLicense + max_signals: + $ref: '#/components/schemas/Security_Solution_Detections_API_MaxSignals' + meta: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleMetadata + name: + $ref: '#/components/schemas/Security_Solution_Detections_API_RuleName' + namespace: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertsIndexNamespace + note: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_InvestigationGuide + outcome: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveOutcome + output_index: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertsIndex + references: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleReferenceArray + related_integrations: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RelatedIntegrationArray + required_fields: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RequiredFieldInput + type: array + risk_score: + $ref: '#/components/schemas/Security_Solution_Detections_API_RiskScore' + risk_score_mapping: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RiskScoreMapping + rule_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleSignatureId + rule_name_override: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleNameOverride + setup: + $ref: '#/components/schemas/Security_Solution_Detections_API_SetupGuide' + severity: + $ref: '#/components/schemas/Security_Solution_Detections_API_Severity' + severity_mapping: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SeverityMapping + tags: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleTagArray + threat: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_ThreatArray + throttle: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleActionThrottle + timeline_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimelineTemplateId + timeline_title: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimelineTemplateTitle + timestamp_override: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimestampOverride + timestamp_override_fallback_disabled: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimestampOverrideFallbackDisabled + to: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleIntervalTo + version: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleVersion + required: + - name + - description + - risk_score + - severity + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_EsqlRuleCreateFields + Security_Solution_Detections_API_EsqlRuleOptionalFields: + type: object + properties: + alert_suppression: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertSuppression + response_actions: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_ResponseAction + type: array + Security_Solution_Detections_API_EsqlRulePatchProps: + allOf: + - type: object + properties: + actions: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleAction + type: array + alias_purpose: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveAliasPurpose + alias_target_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveAliasTargetId + author: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleAuthorArray + building_block_type: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_BuildingBlockType + description: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleDescription + enabled: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_IsRuleEnabled + exceptions_list: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleExceptionList + type: array + false_positives: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleFalsePositiveArray + from: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleIntervalFrom + id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleObjectId + interval: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleInterval + investigation_fields: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_InvestigationFields + language: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_EsqlQueryLanguage + license: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleLicense + max_signals: + $ref: '#/components/schemas/Security_Solution_Detections_API_MaxSignals' + meta: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleMetadata + name: + $ref: '#/components/schemas/Security_Solution_Detections_API_RuleName' + namespace: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertsIndexNamespace + note: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_InvestigationGuide + outcome: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveOutcome + output_index: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertsIndex + query: + $ref: '#/components/schemas/Security_Solution_Detections_API_RuleQuery' + description: ESQL query to execute + references: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleReferenceArray + related_integrations: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RelatedIntegrationArray + required_fields: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RequiredFieldInput + type: array + risk_score: + $ref: '#/components/schemas/Security_Solution_Detections_API_RiskScore' + risk_score_mapping: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RiskScoreMapping + rule_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleSignatureId + rule_name_override: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleNameOverride + setup: + $ref: '#/components/schemas/Security_Solution_Detections_API_SetupGuide' + severity: + $ref: '#/components/schemas/Security_Solution_Detections_API_Severity' + severity_mapping: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SeverityMapping + tags: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleTagArray + threat: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_ThreatArray + throttle: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleActionThrottle + timeline_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimelineTemplateId + timeline_title: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimelineTemplateTitle + timestamp_override: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimestampOverride + timestamp_override_fallback_disabled: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimestampOverrideFallbackDisabled + to: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleIntervalTo + type: + description: Rule type + enum: + - esql + type: string + version: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleVersion + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_EsqlRuleOptionalFields + Security_Solution_Detections_API_EsqlRuleRequiredFields: + type: object + properties: + language: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_EsqlQueryLanguage + query: + $ref: '#/components/schemas/Security_Solution_Detections_API_RuleQuery' + description: ESQL query to execute + type: + description: Rule type + enum: + - esql + type: string + required: + - type + - language + - query + Security_Solution_Detections_API_EsqlRuleResponseFields: + allOf: + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_EsqlRuleOptionalFields + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_EsqlRuleRequiredFields + Security_Solution_Detections_API_EsqlRuleUpdateProps: + allOf: + - type: object + properties: + actions: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleAction + type: array + alias_purpose: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveAliasPurpose + alias_target_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveAliasTargetId + author: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleAuthorArray + building_block_type: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_BuildingBlockType + description: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleDescription + enabled: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_IsRuleEnabled + exceptions_list: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleExceptionList + type: array + false_positives: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleFalsePositiveArray + from: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleIntervalFrom + id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleObjectId + interval: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleInterval + investigation_fields: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_InvestigationFields + license: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleLicense + max_signals: + $ref: '#/components/schemas/Security_Solution_Detections_API_MaxSignals' + meta: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleMetadata + name: + $ref: '#/components/schemas/Security_Solution_Detections_API_RuleName' + namespace: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertsIndexNamespace + note: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_InvestigationGuide + outcome: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveOutcome + output_index: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertsIndex + references: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleReferenceArray + related_integrations: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RelatedIntegrationArray + required_fields: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RequiredFieldInput + type: array + risk_score: + $ref: '#/components/schemas/Security_Solution_Detections_API_RiskScore' + risk_score_mapping: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RiskScoreMapping + rule_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleSignatureId + rule_name_override: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleNameOverride + setup: + $ref: '#/components/schemas/Security_Solution_Detections_API_SetupGuide' + severity: + $ref: '#/components/schemas/Security_Solution_Detections_API_Severity' + severity_mapping: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SeverityMapping + tags: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleTagArray + threat: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_ThreatArray + throttle: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleActionThrottle + timeline_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimelineTemplateId + timeline_title: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimelineTemplateTitle + timestamp_override: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimestampOverride + timestamp_override_fallback_disabled: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimestampOverrideFallbackDisabled + to: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleIntervalTo + version: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleVersion + required: + - name + - description + - risk_score + - severity + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_EsqlRuleCreateFields + Security_Solution_Detections_API_EventCategoryOverride: + type: string + Security_Solution_Detections_API_ExceptionListType: + description: The exception type + enum: + - detection + - rule_default + - endpoint + - endpoint_trusted_apps + - endpoint_events + - endpoint_host_isolation_exceptions + - endpoint_blocklists + type: string + Security_Solution_Detections_API_ExternalRuleSource: + description: >- + Type of rule source for externally sourced rules, i.e. rules that have + an external source, such as the Elastic Prebuilt rules repo. + type: object + properties: + is_customized: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_IsExternalRuleCustomized + type: + enum: + - external + type: string + required: + - type + - is_customized + Security_Solution_Detections_API_FindRulesSortField: + enum: + - created_at + - createdAt + - enabled + - execution_summary.last_execution.date + - execution_summary.last_execution.metrics.execution_gap_duration_s + - execution_summary.last_execution.metrics.total_indexing_duration_ms + - execution_summary.last_execution.metrics.total_search_duration_ms + - execution_summary.last_execution.status + - name + - risk_score + - riskScore + - severity + - updated_at + - updatedAt + type: string + Security_Solution_Detections_API_HistoryWindowStart: + $ref: '#/components/schemas/Security_Solution_Detections_API_NonEmptyString' + Security_Solution_Detections_API_IndexPatternArray: + items: + type: string + type: array + Security_Solution_Detections_API_InternalRuleSource: + description: >- + Type of rule source for internally sourced rules, i.e. created within + the Kibana apps. + type: object + properties: + type: + enum: + - internal + type: string + required: + - type + Security_Solution_Detections_API_InvestigationFields: + description: > + Schema for fields relating to investigation fields. These are user + defined fields we use to highlight + + in various features in the UI such as alert details flyout and + exceptions auto-population from alert. + + Added in PR #163235 + + Right now we only have a single field but anticipate adding more related + fields to store various + + configuration states such as `override` - where a user might say if they + want only these fields to + + display, or if they want these fields + the fields we select. When + expanding this field, it may look + + something like: + + ```typescript + + const investigationFields = z.object({ + field_names: NonEmptyArray(NonEmptyString), + override: z.boolean().optional(), + }); + + ``` + type: object + properties: + field_names: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_NonEmptyString + minItems: 1 + type: array + required: + - field_names + Security_Solution_Detections_API_InvestigationGuide: + description: Notes to help investigate alerts produced by the rule. + type: string + Security_Solution_Detections_API_IsExternalRuleCustomized: + description: >- + Determines whether an external/prebuilt rule has been customized by the + user (i.e. any of its fields have been modified and diverged from the + base value). + type: boolean + Security_Solution_Detections_API_IsRuleEnabled: + description: Determines whether the rule is enabled. + type: boolean + Security_Solution_Detections_API_IsRuleImmutable: + deprecated: true + description: >- + This field determines whether the rule is a prebuilt Elastic rule. It + will be replaced with the `rule_source` field. + type: boolean + Security_Solution_Detections_API_ItemsPerSearch: + minimum: 1 + type: integer + Security_Solution_Detections_API_KqlQueryLanguage: + enum: + - kuery + - lucene + type: string + Security_Solution_Detections_API_MachineLearningJobId: + description: Machine learning job ID + oneOf: + - type: string + - items: + type: string + minItems: 1 + type: array + Security_Solution_Detections_API_MachineLearningRule: + allOf: + - type: object + properties: + actions: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleAction + type: array + alias_purpose: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveAliasPurpose + alias_target_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveAliasTargetId + author: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleAuthorArray + building_block_type: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_BuildingBlockType + description: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleDescription + enabled: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_IsRuleEnabled + exceptions_list: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleExceptionList + type: array + false_positives: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleFalsePositiveArray + from: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleIntervalFrom + interval: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleInterval + investigation_fields: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_InvestigationFields + license: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleLicense + max_signals: + $ref: '#/components/schemas/Security_Solution_Detections_API_MaxSignals' + meta: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleMetadata + name: + $ref: '#/components/schemas/Security_Solution_Detections_API_RuleName' + namespace: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertsIndexNamespace + note: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_InvestigationGuide + outcome: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveOutcome + output_index: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertsIndex + references: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleReferenceArray + related_integrations: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RelatedIntegrationArray + required_fields: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RequiredFieldInput + type: array + risk_score: + $ref: '#/components/schemas/Security_Solution_Detections_API_RiskScore' + risk_score_mapping: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RiskScoreMapping + rule_name_override: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleNameOverride + setup: + $ref: '#/components/schemas/Security_Solution_Detections_API_SetupGuide' + severity: + $ref: '#/components/schemas/Security_Solution_Detections_API_Severity' + severity_mapping: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SeverityMapping + tags: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleTagArray + threat: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_ThreatArray + throttle: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleActionThrottle + timeline_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimelineTemplateId + timeline_title: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimelineTemplateTitle + timestamp_override: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimestampOverride + timestamp_override_fallback_disabled: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimestampOverrideFallbackDisabled + to: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleIntervalTo + version: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleVersion + required: + - name + - description + - risk_score + - severity + - version + - tags + - enabled + - risk_score_mapping + - severity_mapping + - interval + - from + - to + - actions + - exceptions_list + - author + - false_positives + - references + - max_signals + - threat + - setup + - related_integrations + - required_fields + - $ref: '#/components/schemas/Security_Solution_Detections_API_ResponseFields' + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_MachineLearningRuleResponseFields + Security_Solution_Detections_API_MachineLearningRuleCreateFields: + allOf: + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_MachineLearningRuleRequiredFields + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_MachineLearningRuleOptionalFields + Security_Solution_Detections_API_MachineLearningRuleCreateProps: + allOf: + - type: object + properties: + actions: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleAction + type: array + alias_purpose: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveAliasPurpose + alias_target_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveAliasTargetId + author: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleAuthorArray + building_block_type: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_BuildingBlockType + description: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleDescription + enabled: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_IsRuleEnabled + exceptions_list: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleExceptionList + type: array + false_positives: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleFalsePositiveArray + from: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleIntervalFrom + interval: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleInterval + investigation_fields: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_InvestigationFields + license: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleLicense + max_signals: + $ref: '#/components/schemas/Security_Solution_Detections_API_MaxSignals' + meta: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleMetadata + name: + $ref: '#/components/schemas/Security_Solution_Detections_API_RuleName' + namespace: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertsIndexNamespace + note: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_InvestigationGuide + outcome: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveOutcome + output_index: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertsIndex + references: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleReferenceArray + related_integrations: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RelatedIntegrationArray + required_fields: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RequiredFieldInput + type: array + risk_score: + $ref: '#/components/schemas/Security_Solution_Detections_API_RiskScore' + risk_score_mapping: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RiskScoreMapping + rule_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleSignatureId + rule_name_override: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleNameOverride + setup: + $ref: '#/components/schemas/Security_Solution_Detections_API_SetupGuide' + severity: + $ref: '#/components/schemas/Security_Solution_Detections_API_Severity' + severity_mapping: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SeverityMapping + tags: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleTagArray + threat: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_ThreatArray + throttle: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleActionThrottle + timeline_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimelineTemplateId + timeline_title: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimelineTemplateTitle + timestamp_override: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimestampOverride + timestamp_override_fallback_disabled: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimestampOverrideFallbackDisabled + to: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleIntervalTo + version: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleVersion + required: + - name + - description + - risk_score + - severity + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_MachineLearningRuleCreateFields + Security_Solution_Detections_API_MachineLearningRuleOptionalFields: + type: object + properties: + alert_suppression: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertSuppression + Security_Solution_Detections_API_MachineLearningRulePatchFields: + allOf: + - type: object + properties: + anomaly_threshold: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AnomalyThreshold + machine_learning_job_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_MachineLearningJobId + type: + description: Rule type + enum: + - machine_learning + type: string + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_MachineLearningRuleOptionalFields + Security_Solution_Detections_API_MachineLearningRulePatchProps: + allOf: + - type: object + properties: + actions: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleAction + type: array + alias_purpose: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveAliasPurpose + alias_target_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveAliasTargetId + author: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleAuthorArray + building_block_type: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_BuildingBlockType + description: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleDescription + enabled: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_IsRuleEnabled + exceptions_list: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleExceptionList + type: array + false_positives: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleFalsePositiveArray + from: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleIntervalFrom + id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleObjectId + interval: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleInterval + investigation_fields: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_InvestigationFields + license: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleLicense + max_signals: + $ref: '#/components/schemas/Security_Solution_Detections_API_MaxSignals' + meta: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleMetadata + name: + $ref: '#/components/schemas/Security_Solution_Detections_API_RuleName' + namespace: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertsIndexNamespace + note: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_InvestigationGuide + outcome: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveOutcome + output_index: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertsIndex + references: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleReferenceArray + related_integrations: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RelatedIntegrationArray + required_fields: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RequiredFieldInput + type: array + risk_score: + $ref: '#/components/schemas/Security_Solution_Detections_API_RiskScore' + risk_score_mapping: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RiskScoreMapping + rule_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleSignatureId + rule_name_override: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleNameOverride + setup: + $ref: '#/components/schemas/Security_Solution_Detections_API_SetupGuide' + severity: + $ref: '#/components/schemas/Security_Solution_Detections_API_Severity' + severity_mapping: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SeverityMapping + tags: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleTagArray + threat: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_ThreatArray + throttle: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleActionThrottle + timeline_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimelineTemplateId + timeline_title: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimelineTemplateTitle + timestamp_override: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimestampOverride + timestamp_override_fallback_disabled: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimestampOverrideFallbackDisabled + to: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleIntervalTo + version: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleVersion + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_MachineLearningRulePatchFields + Security_Solution_Detections_API_MachineLearningRuleRequiredFields: + type: object + properties: + anomaly_threshold: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AnomalyThreshold + machine_learning_job_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_MachineLearningJobId + type: + description: Rule type + enum: + - machine_learning + type: string + required: + - type + - machine_learning_job_id + - anomaly_threshold + Security_Solution_Detections_API_MachineLearningRuleResponseFields: + allOf: + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_MachineLearningRuleRequiredFields + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_MachineLearningRuleOptionalFields + Security_Solution_Detections_API_MachineLearningRuleUpdateProps: + allOf: + - type: object + properties: + actions: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleAction + type: array + alias_purpose: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveAliasPurpose + alias_target_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveAliasTargetId + author: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleAuthorArray + building_block_type: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_BuildingBlockType + description: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleDescription + enabled: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_IsRuleEnabled + exceptions_list: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleExceptionList + type: array + false_positives: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleFalsePositiveArray + from: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleIntervalFrom + id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleObjectId + interval: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleInterval + investigation_fields: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_InvestigationFields + license: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleLicense + max_signals: + $ref: '#/components/schemas/Security_Solution_Detections_API_MaxSignals' + meta: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleMetadata + name: + $ref: '#/components/schemas/Security_Solution_Detections_API_RuleName' + namespace: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertsIndexNamespace + note: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_InvestigationGuide + outcome: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveOutcome + output_index: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertsIndex + references: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleReferenceArray + related_integrations: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RelatedIntegrationArray + required_fields: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RequiredFieldInput + type: array + risk_score: + $ref: '#/components/schemas/Security_Solution_Detections_API_RiskScore' + risk_score_mapping: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RiskScoreMapping + rule_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleSignatureId + rule_name_override: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleNameOverride + setup: + $ref: '#/components/schemas/Security_Solution_Detections_API_SetupGuide' + severity: + $ref: '#/components/schemas/Security_Solution_Detections_API_Severity' + severity_mapping: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SeverityMapping + tags: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleTagArray + threat: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_ThreatArray + throttle: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleActionThrottle + timeline_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimelineTemplateId + timeline_title: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimelineTemplateTitle + timestamp_override: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimestampOverride + timestamp_override_fallback_disabled: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimestampOverrideFallbackDisabled + to: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleIntervalTo + version: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleVersion + required: + - name + - description + - risk_score + - severity + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_MachineLearningRuleCreateFields + Security_Solution_Detections_API_MaxSignals: + minimum: 1 + type: integer + Security_Solution_Detections_API_NewTermsFields: + items: + type: string + maxItems: 3 + minItems: 1 + type: array + Security_Solution_Detections_API_NewTermsRule: + allOf: + - type: object + properties: + actions: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleAction + type: array + alias_purpose: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveAliasPurpose + alias_target_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveAliasTargetId + author: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleAuthorArray + building_block_type: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_BuildingBlockType + description: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleDescription + enabled: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_IsRuleEnabled + exceptions_list: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleExceptionList + type: array + false_positives: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleFalsePositiveArray + from: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleIntervalFrom + interval: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleInterval + investigation_fields: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_InvestigationFields + license: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleLicense + max_signals: + $ref: '#/components/schemas/Security_Solution_Detections_API_MaxSignals' + meta: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleMetadata + name: + $ref: '#/components/schemas/Security_Solution_Detections_API_RuleName' + namespace: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertsIndexNamespace + note: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_InvestigationGuide + outcome: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveOutcome + output_index: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertsIndex + references: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleReferenceArray + related_integrations: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RelatedIntegrationArray + required_fields: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RequiredFieldInput + type: array + risk_score: + $ref: '#/components/schemas/Security_Solution_Detections_API_RiskScore' + risk_score_mapping: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RiskScoreMapping + rule_name_override: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleNameOverride + setup: + $ref: '#/components/schemas/Security_Solution_Detections_API_SetupGuide' + severity: + $ref: '#/components/schemas/Security_Solution_Detections_API_Severity' + severity_mapping: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SeverityMapping + tags: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleTagArray + threat: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_ThreatArray + throttle: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleActionThrottle + timeline_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimelineTemplateId + timeline_title: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimelineTemplateTitle + timestamp_override: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimestampOverride + timestamp_override_fallback_disabled: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimestampOverrideFallbackDisabled + to: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleIntervalTo + version: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleVersion + required: + - name + - description + - risk_score + - severity + - version + - tags + - enabled + - risk_score_mapping + - severity_mapping + - interval + - from + - to + - actions + - exceptions_list + - author + - false_positives + - references + - max_signals + - threat + - setup + - related_integrations + - required_fields + - $ref: '#/components/schemas/Security_Solution_Detections_API_ResponseFields' + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_NewTermsRuleResponseFields + Security_Solution_Detections_API_NewTermsRuleCreateFields: + allOf: + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_NewTermsRuleRequiredFields + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_NewTermsRuleOptionalFields + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_NewTermsRuleDefaultableFields + Security_Solution_Detections_API_NewTermsRuleCreateProps: + allOf: + - type: object + properties: + actions: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleAction + type: array + alias_purpose: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveAliasPurpose + alias_target_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveAliasTargetId + author: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleAuthorArray + building_block_type: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_BuildingBlockType + description: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleDescription + enabled: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_IsRuleEnabled + exceptions_list: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleExceptionList + type: array + false_positives: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleFalsePositiveArray + from: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleIntervalFrom + interval: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleInterval + investigation_fields: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_InvestigationFields + license: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleLicense + max_signals: + $ref: '#/components/schemas/Security_Solution_Detections_API_MaxSignals' + meta: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleMetadata + name: + $ref: '#/components/schemas/Security_Solution_Detections_API_RuleName' + namespace: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertsIndexNamespace + note: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_InvestigationGuide + outcome: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveOutcome + output_index: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertsIndex + references: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleReferenceArray + related_integrations: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RelatedIntegrationArray + required_fields: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RequiredFieldInput + type: array + risk_score: + $ref: '#/components/schemas/Security_Solution_Detections_API_RiskScore' + risk_score_mapping: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RiskScoreMapping + rule_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleSignatureId + rule_name_override: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleNameOverride + setup: + $ref: '#/components/schemas/Security_Solution_Detections_API_SetupGuide' + severity: + $ref: '#/components/schemas/Security_Solution_Detections_API_Severity' + severity_mapping: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SeverityMapping + tags: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleTagArray + threat: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_ThreatArray + throttle: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleActionThrottle + timeline_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimelineTemplateId + timeline_title: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimelineTemplateTitle + timestamp_override: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimestampOverride + timestamp_override_fallback_disabled: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimestampOverrideFallbackDisabled + to: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleIntervalTo + version: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleVersion + required: + - name + - description + - risk_score + - severity + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_NewTermsRuleCreateFields + Security_Solution_Detections_API_NewTermsRuleDefaultableFields: + type: object + properties: + language: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_KqlQueryLanguage + Security_Solution_Detections_API_NewTermsRuleOptionalFields: + type: object + properties: + alert_suppression: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertSuppression + data_view_id: + $ref: '#/components/schemas/Security_Solution_Detections_API_DataViewId' + filters: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleFilterArray + index: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_IndexPatternArray + response_actions: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_ResponseAction + type: array + Security_Solution_Detections_API_NewTermsRulePatchFields: + allOf: + - type: object + properties: + history_window_start: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_HistoryWindowStart + new_terms_fields: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_NewTermsFields + query: + $ref: '#/components/schemas/Security_Solution_Detections_API_RuleQuery' + type: + description: Rule type + enum: + - new_terms + type: string + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_NewTermsRuleOptionalFields + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_NewTermsRuleDefaultableFields + Security_Solution_Detections_API_NewTermsRulePatchProps: + allOf: + - type: object + properties: + actions: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleAction + type: array + alias_purpose: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveAliasPurpose + alias_target_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveAliasTargetId + author: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleAuthorArray + building_block_type: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_BuildingBlockType + description: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleDescription + enabled: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_IsRuleEnabled + exceptions_list: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleExceptionList + type: array + false_positives: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleFalsePositiveArray + from: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleIntervalFrom + id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleObjectId + interval: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleInterval + investigation_fields: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_InvestigationFields + license: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleLicense + max_signals: + $ref: '#/components/schemas/Security_Solution_Detections_API_MaxSignals' + meta: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleMetadata + name: + $ref: '#/components/schemas/Security_Solution_Detections_API_RuleName' + namespace: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertsIndexNamespace + note: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_InvestigationGuide + outcome: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveOutcome + output_index: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertsIndex + references: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleReferenceArray + related_integrations: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RelatedIntegrationArray + required_fields: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RequiredFieldInput + type: array + risk_score: + $ref: '#/components/schemas/Security_Solution_Detections_API_RiskScore' + risk_score_mapping: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RiskScoreMapping + rule_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleSignatureId + rule_name_override: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleNameOverride + setup: + $ref: '#/components/schemas/Security_Solution_Detections_API_SetupGuide' + severity: + $ref: '#/components/schemas/Security_Solution_Detections_API_Severity' + severity_mapping: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SeverityMapping + tags: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleTagArray + threat: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_ThreatArray + throttle: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleActionThrottle + timeline_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimelineTemplateId + timeline_title: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimelineTemplateTitle + timestamp_override: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimestampOverride + timestamp_override_fallback_disabled: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimestampOverrideFallbackDisabled + to: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleIntervalTo + version: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleVersion + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_NewTermsRulePatchFields + Security_Solution_Detections_API_NewTermsRuleRequiredFields: + type: object + properties: + history_window_start: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_HistoryWindowStart + new_terms_fields: + $ref: '#/components/schemas/Security_Solution_Detections_API_NewTermsFields' + query: + $ref: '#/components/schemas/Security_Solution_Detections_API_RuleQuery' + type: + description: Rule type + enum: + - new_terms + type: string + required: + - type + - query + - new_terms_fields + - history_window_start + Security_Solution_Detections_API_NewTermsRuleResponseFields: + allOf: + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_NewTermsRuleRequiredFields + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_NewTermsRuleOptionalFields + - type: object + properties: + language: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_KqlQueryLanguage + required: + - language + Security_Solution_Detections_API_NewTermsRuleUpdateProps: + allOf: + - type: object + properties: + actions: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleAction + type: array + alias_purpose: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveAliasPurpose + alias_target_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveAliasTargetId + author: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleAuthorArray + building_block_type: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_BuildingBlockType + description: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleDescription + enabled: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_IsRuleEnabled + exceptions_list: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleExceptionList + type: array + false_positives: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleFalsePositiveArray + from: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleIntervalFrom + id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleObjectId + interval: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleInterval + investigation_fields: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_InvestigationFields + license: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleLicense + max_signals: + $ref: '#/components/schemas/Security_Solution_Detections_API_MaxSignals' + meta: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleMetadata + name: + $ref: '#/components/schemas/Security_Solution_Detections_API_RuleName' + namespace: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertsIndexNamespace + note: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_InvestigationGuide + outcome: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveOutcome + output_index: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertsIndex + references: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleReferenceArray + related_integrations: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RelatedIntegrationArray + required_fields: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RequiredFieldInput + type: array + risk_score: + $ref: '#/components/schemas/Security_Solution_Detections_API_RiskScore' + risk_score_mapping: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RiskScoreMapping + rule_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleSignatureId + rule_name_override: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleNameOverride + setup: + $ref: '#/components/schemas/Security_Solution_Detections_API_SetupGuide' + severity: + $ref: '#/components/schemas/Security_Solution_Detections_API_Severity' + severity_mapping: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SeverityMapping + tags: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleTagArray + threat: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_ThreatArray + throttle: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleActionThrottle + timeline_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimelineTemplateId + timeline_title: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimelineTemplateTitle + timestamp_override: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimestampOverride + timestamp_override_fallback_disabled: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimestampOverrideFallbackDisabled + to: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleIntervalTo + version: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleVersion + required: + - name + - description + - risk_score + - severity + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_NewTermsRuleCreateFields + Security_Solution_Detections_API_NonEmptyString: + description: A string that is not empty and does not contain only whitespace + minLength: 1 + pattern: ^(?! *$).+$ + type: string + Security_Solution_Detections_API_NormalizedRuleAction: + additionalProperties: false + type: object + properties: + alerts_filter: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleActionAlertsFilter + frequency: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleActionFrequency + group: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleActionGroup + id: + $ref: '#/components/schemas/Security_Solution_Detections_API_RuleActionId' + params: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleActionParams + required: + - id + - params + Security_Solution_Detections_API_NormalizedRuleError: + type: object + properties: + err_code: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_BulkActionsDryRunErrCode + message: + type: string + rules: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleDetailsInError + type: array + status_code: + type: integer + required: + - message + - status_code + - rules + Security_Solution_Detections_API_OsqueryParams: + type: object + properties: + ecs_mapping: + $ref: '#/components/schemas/Security_Solution_Detections_API_EcsMapping' + pack_id: + type: string + queries: + items: + $ref: '#/components/schemas/Security_Solution_Detections_API_OsqueryQuery' + type: array + query: + type: string + saved_query_id: + type: string + timeout: + type: number + Security_Solution_Detections_API_OsqueryQuery: + type: object + properties: + ecs_mapping: + $ref: '#/components/schemas/Security_Solution_Detections_API_EcsMapping' + id: + description: Query ID + type: string + platform: + type: string + query: + description: Query to run + type: string + removed: + type: boolean + snapshot: + type: boolean + version: + description: Query version + type: string + required: + - id + - query + Security_Solution_Detections_API_OsqueryResponseAction: + type: object + properties: + action_type_id: + enum: + - .osquery + type: string + params: + $ref: '#/components/schemas/Security_Solution_Detections_API_OsqueryParams' + required: + - action_type_id + - params + Security_Solution_Detections_API_PlatformErrorResponse: + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: integer + required: + - statusCode + - error + - message + Security_Solution_Detections_API_ProcessesParams: + type: object + properties: + command: + enum: + - kill-process + - suspend-process + type: string + comment: + type: string + config: + type: object + properties: + field: + description: Field to use instead of process.pid + type: string + overwrite: + default: true + description: Whether to overwrite field with process.pid + type: boolean + required: + - field + required: + - command + - config + Security_Solution_Detections_API_QueryRule: + allOf: + - type: object + properties: + actions: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleAction + type: array + alias_purpose: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveAliasPurpose + alias_target_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveAliasTargetId + author: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleAuthorArray + building_block_type: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_BuildingBlockType + description: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleDescription + enabled: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_IsRuleEnabled + exceptions_list: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleExceptionList + type: array + false_positives: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleFalsePositiveArray + from: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleIntervalFrom + interval: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleInterval + investigation_fields: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_InvestigationFields + license: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleLicense + max_signals: + $ref: '#/components/schemas/Security_Solution_Detections_API_MaxSignals' + meta: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleMetadata + name: + $ref: '#/components/schemas/Security_Solution_Detections_API_RuleName' + namespace: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertsIndexNamespace + note: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_InvestigationGuide + outcome: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveOutcome + output_index: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertsIndex + references: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleReferenceArray + related_integrations: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RelatedIntegrationArray + required_fields: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RequiredFieldInput + type: array + risk_score: + $ref: '#/components/schemas/Security_Solution_Detections_API_RiskScore' + risk_score_mapping: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RiskScoreMapping + rule_name_override: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleNameOverride + setup: + $ref: '#/components/schemas/Security_Solution_Detections_API_SetupGuide' + severity: + $ref: '#/components/schemas/Security_Solution_Detections_API_Severity' + severity_mapping: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SeverityMapping + tags: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleTagArray + threat: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_ThreatArray + throttle: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleActionThrottle + timeline_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimelineTemplateId + timeline_title: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimelineTemplateTitle + timestamp_override: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimestampOverride + timestamp_override_fallback_disabled: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimestampOverrideFallbackDisabled + to: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleIntervalTo + version: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleVersion + required: + - name + - description + - risk_score + - severity + - version + - tags + - enabled + - risk_score_mapping + - severity_mapping + - interval + - from + - to + - actions + - exceptions_list + - author + - false_positives + - references + - max_signals + - threat + - setup + - related_integrations + - required_fields + - $ref: '#/components/schemas/Security_Solution_Detections_API_ResponseFields' + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_QueryRuleResponseFields + Security_Solution_Detections_API_QueryRuleCreateFields: + allOf: + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_QueryRuleRequiredFields + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_QueryRuleOptionalFields + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_QueryRuleDefaultableFields + Security_Solution_Detections_API_QueryRuleCreateProps: + allOf: + - type: object + properties: + actions: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleAction + type: array + alias_purpose: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveAliasPurpose + alias_target_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveAliasTargetId + author: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleAuthorArray + building_block_type: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_BuildingBlockType + description: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleDescription + enabled: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_IsRuleEnabled + exceptions_list: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleExceptionList + type: array + false_positives: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleFalsePositiveArray + from: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleIntervalFrom + interval: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleInterval + investigation_fields: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_InvestigationFields + license: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleLicense + max_signals: + $ref: '#/components/schemas/Security_Solution_Detections_API_MaxSignals' + meta: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleMetadata + name: + $ref: '#/components/schemas/Security_Solution_Detections_API_RuleName' + namespace: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertsIndexNamespace + note: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_InvestigationGuide + outcome: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveOutcome + output_index: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertsIndex + references: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleReferenceArray + related_integrations: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RelatedIntegrationArray + required_fields: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RequiredFieldInput + type: array + risk_score: + $ref: '#/components/schemas/Security_Solution_Detections_API_RiskScore' + risk_score_mapping: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RiskScoreMapping + rule_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleSignatureId + rule_name_override: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleNameOverride + setup: + $ref: '#/components/schemas/Security_Solution_Detections_API_SetupGuide' + severity: + $ref: '#/components/schemas/Security_Solution_Detections_API_Severity' + severity_mapping: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SeverityMapping + tags: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleTagArray + threat: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_ThreatArray + throttle: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleActionThrottle + timeline_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimelineTemplateId + timeline_title: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimelineTemplateTitle + timestamp_override: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimestampOverride + timestamp_override_fallback_disabled: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimestampOverrideFallbackDisabled + to: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleIntervalTo + version: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleVersion + required: + - name + - description + - risk_score + - severity + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_QueryRuleCreateFields + Security_Solution_Detections_API_QueryRuleDefaultableFields: + type: object + properties: + language: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_KqlQueryLanguage + query: + $ref: '#/components/schemas/Security_Solution_Detections_API_RuleQuery' + Security_Solution_Detections_API_QueryRuleOptionalFields: + type: object + properties: + alert_suppression: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertSuppression + data_view_id: + $ref: '#/components/schemas/Security_Solution_Detections_API_DataViewId' + filters: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleFilterArray + index: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_IndexPatternArray + response_actions: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_ResponseAction + type: array + saved_id: + $ref: '#/components/schemas/Security_Solution_Detections_API_SavedQueryId' + Security_Solution_Detections_API_QueryRulePatchFields: + allOf: + - type: object + properties: + type: + description: Rule type + enum: + - query + type: string + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_QueryRuleOptionalFields + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_QueryRuleDefaultableFields + Security_Solution_Detections_API_QueryRulePatchProps: + allOf: + - type: object + properties: + actions: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleAction + type: array + alias_purpose: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveAliasPurpose + alias_target_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveAliasTargetId + author: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleAuthorArray + building_block_type: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_BuildingBlockType + description: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleDescription + enabled: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_IsRuleEnabled + exceptions_list: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleExceptionList + type: array + false_positives: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleFalsePositiveArray + from: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleIntervalFrom + id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleObjectId + interval: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleInterval + investigation_fields: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_InvestigationFields + license: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleLicense + max_signals: + $ref: '#/components/schemas/Security_Solution_Detections_API_MaxSignals' + meta: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleMetadata + name: + $ref: '#/components/schemas/Security_Solution_Detections_API_RuleName' + namespace: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertsIndexNamespace + note: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_InvestigationGuide + outcome: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveOutcome + output_index: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertsIndex + references: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleReferenceArray + related_integrations: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RelatedIntegrationArray + required_fields: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RequiredFieldInput + type: array + risk_score: + $ref: '#/components/schemas/Security_Solution_Detections_API_RiskScore' + risk_score_mapping: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RiskScoreMapping + rule_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleSignatureId + rule_name_override: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleNameOverride + setup: + $ref: '#/components/schemas/Security_Solution_Detections_API_SetupGuide' + severity: + $ref: '#/components/schemas/Security_Solution_Detections_API_Severity' + severity_mapping: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SeverityMapping + tags: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleTagArray + threat: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_ThreatArray + throttle: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleActionThrottle + timeline_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimelineTemplateId + timeline_title: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimelineTemplateTitle + timestamp_override: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimestampOverride + timestamp_override_fallback_disabled: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimestampOverrideFallbackDisabled + to: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleIntervalTo + version: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleVersion + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_QueryRulePatchFields + Security_Solution_Detections_API_QueryRuleRequiredFields: + type: object + properties: + type: + description: Rule type + enum: + - query + type: string + required: + - type + Security_Solution_Detections_API_QueryRuleResponseFields: + allOf: + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_QueryRuleRequiredFields + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_QueryRuleOptionalFields + - type: object + properties: + language: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_KqlQueryLanguage + query: + $ref: '#/components/schemas/Security_Solution_Detections_API_RuleQuery' + required: + - query + - language + Security_Solution_Detections_API_QueryRuleUpdateProps: + allOf: + - type: object + properties: + actions: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleAction + type: array + alias_purpose: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveAliasPurpose + alias_target_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveAliasTargetId + author: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleAuthorArray + building_block_type: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_BuildingBlockType + description: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleDescription + enabled: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_IsRuleEnabled + exceptions_list: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleExceptionList + type: array + false_positives: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleFalsePositiveArray + from: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleIntervalFrom + id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleObjectId + interval: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleInterval + investigation_fields: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_InvestigationFields + license: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleLicense + max_signals: + $ref: '#/components/schemas/Security_Solution_Detections_API_MaxSignals' + meta: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleMetadata + name: + $ref: '#/components/schemas/Security_Solution_Detections_API_RuleName' + namespace: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertsIndexNamespace + note: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_InvestigationGuide + outcome: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveOutcome + output_index: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertsIndex + references: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleReferenceArray + related_integrations: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RelatedIntegrationArray + required_fields: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RequiredFieldInput + type: array + risk_score: + $ref: '#/components/schemas/Security_Solution_Detections_API_RiskScore' + risk_score_mapping: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RiskScoreMapping + rule_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleSignatureId + rule_name_override: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleNameOverride + setup: + $ref: '#/components/schemas/Security_Solution_Detections_API_SetupGuide' + severity: + $ref: '#/components/schemas/Security_Solution_Detections_API_Severity' + severity_mapping: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SeverityMapping + tags: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleTagArray + threat: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_ThreatArray + throttle: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleActionThrottle + timeline_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimelineTemplateId + timeline_title: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimelineTemplateTitle + timestamp_override: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimestampOverride + timestamp_override_fallback_disabled: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimestampOverrideFallbackDisabled + to: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleIntervalTo + version: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleVersion + required: + - name + - description + - risk_score + - severity + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_QueryRuleCreateFields + Security_Solution_Detections_API_RelatedIntegration: + description: > + Related integration is a potential dependency of a rule. It's assumed + that if the user installs + + one of the related integrations of a rule, the rule might start to work + properly because it will + + have source events (generated by this integration) potentially matching + the rule's query. + + + NOTE: Proper work is not guaranteed, because a related integration, if + installed, can be + + configured differently or generate data that is not necessarily relevant + for this rule. + + + Related integration is a combination of a Fleet package and (optionally) + one of the + + package's "integrations" that this package contains. It is represented + by 3 properties: + + + - `package`: name of the package (required, unique id) + + - `version`: version of the package (required, semver-compatible) + + - `integration`: name of the integration of this package (optional, id + within the package) + + + There are Fleet packages like `windows` that contain only one + integration; in this case, + + `integration` should be unspecified. There are also packages like `aws` + and `azure` that contain + + several integrations; in this case, `integration` should be specified. + + + @example + + const x: RelatedIntegration = { + package: 'windows', + version: '1.5.x', + }; + + + @example + + const x: RelatedIntegration = { + package: 'azure', + version: '~1.1.6', + integration: 'activitylogs', + }; + type: object + properties: + integration: + $ref: '#/components/schemas/Security_Solution_Detections_API_NonEmptyString' + package: + $ref: '#/components/schemas/Security_Solution_Detections_API_NonEmptyString' + version: + $ref: '#/components/schemas/Security_Solution_Detections_API_NonEmptyString' + required: + - package + - version + Security_Solution_Detections_API_RelatedIntegrationArray: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RelatedIntegration + type: array + Security_Solution_Detections_API_RequiredField: + description: > + Describes an Elasticsearch field that is needed for the rule to + function. + + + Almost all types of Security rules check source event documents for a + match to some kind of + + query or filter. If a document has certain field with certain values, + then it's a match and + + the rule will generate an alert. + + + Required field is an event field that must be present in the source + indices of a given rule. + + + @example + + const standardEcsField: RequiredField = { + name: 'event.action', + type: 'keyword', + ecs: true, + }; + + + @example + + const nonEcsField: RequiredField = { + name: 'winlog.event_data.AttributeLDAPDisplayName', + type: 'keyword', + ecs: false, + }; + type: object + properties: + ecs: + description: Whether the field is an ECS field + type: boolean + name: + $ref: '#/components/schemas/Security_Solution_Detections_API_NonEmptyString' + description: Name of an Elasticsearch field + type: + $ref: '#/components/schemas/Security_Solution_Detections_API_NonEmptyString' + description: Type of the Elasticsearch field + required: + - name + - type + - ecs + Security_Solution_Detections_API_RequiredFieldArray: + items: + $ref: '#/components/schemas/Security_Solution_Detections_API_RequiredField' + type: array + Security_Solution_Detections_API_RequiredFieldInput: + description: >- + Input parameters to create a RequiredField. Does not include the `ecs` + field, because `ecs` is calculated on the backend based on the field + name and type. + type: object + properties: + name: + $ref: '#/components/schemas/Security_Solution_Detections_API_NonEmptyString' + description: Name of an Elasticsearch field + type: + $ref: '#/components/schemas/Security_Solution_Detections_API_NonEmptyString' + description: Type of an Elasticsearch field + required: + - name + - type + Security_Solution_Detections_API_ResponseAction: + oneOf: + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_OsqueryResponseAction + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_EndpointResponseAction + Security_Solution_Detections_API_ResponseFields: + type: object + properties: + created_at: + format: date-time + type: string + created_by: + type: string + execution_summary: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleExecutionSummary + id: + $ref: '#/components/schemas/Security_Solution_Detections_API_RuleObjectId' + immutable: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_IsRuleImmutable + required_fields: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RequiredFieldArray + revision: + minimum: 0 + type: integer + rule_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleSignatureId + rule_source: + $ref: '#/components/schemas/Security_Solution_Detections_API_RuleSource' + updated_at: + format: date-time + type: string + updated_by: + type: string + required: + - id + - rule_id + - immutable + - updated_at + - updated_by + - created_at + - created_by + - revision + - related_integrations + - required_fields + Security_Solution_Detections_API_RiskScore: + description: Risk score (0 to 100) + maximum: 100 + minimum: 0 + type: integer + Security_Solution_Detections_API_RiskScoreMapping: + description: >- + Overrides generated alerts' risk_score with a value from the source + event + items: + type: object + properties: + field: + type: string + operator: + enum: + - equals + type: string + risk_score: + $ref: '#/components/schemas/Security_Solution_Detections_API_RiskScore' + value: + type: string + required: + - field + - operator + - value + type: array + Security_Solution_Detections_API_RuleAction: + type: object + properties: + action_type_id: + description: The action type used for sending notifications. + type: string + alerts_filter: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleActionAlertsFilter + frequency: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleActionFrequency + group: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleActionGroup + id: + $ref: '#/components/schemas/Security_Solution_Detections_API_RuleActionId' + params: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleActionParams + uuid: + $ref: '#/components/schemas/Security_Solution_Detections_API_NonEmptyString' + required: + - action_type_id + - id + - params + Security_Solution_Detections_API_RuleActionAlertsFilter: + additionalProperties: true + type: object + Security_Solution_Detections_API_RuleActionFrequency: + description: >- + The action frequency defines when the action runs (for example, only on + rule execution or at specific time intervals). + type: object + properties: + notifyWhen: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleActionNotifyWhen + summary: + description: >- + Action summary indicates whether we will send a summary notification + about all the generate alerts or notification per individual alert + type: boolean + throttle: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleActionThrottle + nullable: true + required: + - summary + - notifyWhen + - throttle + Security_Solution_Detections_API_RuleActionGroup: + description: >- + Optionally groups actions by use cases. Use `default` for alert + notifications. + type: string + Security_Solution_Detections_API_RuleActionId: + description: The connector ID. + type: string + Security_Solution_Detections_API_RuleActionNotifyWhen: + description: >- + The condition for throttling the notification: `onActionGroupChange`, + `onActiveAlert`, or `onThrottleInterval` + enum: + - onActiveAlert + - onThrottleInterval + - onActionGroupChange + type: string + Security_Solution_Detections_API_RuleActionParams: + additionalProperties: true + description: >- + Object containing the allowed connector fields, which varies according + to the connector type. + type: object + Security_Solution_Detections_API_RuleActionThrottle: + description: Defines how often rule actions are taken. + oneOf: + - enum: + - no_actions + - rule + type: string + - description: Time interval in seconds, minutes, hours, or days. + example: 1h + pattern: ^[1-9]\d*[smhd]$ + type: string + Security_Solution_Detections_API_RuleAuthorArray: + items: + type: string + type: array + Security_Solution_Detections_API_RuleCreateProps: + anyOf: + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_EqlRuleCreateProps + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_QueryRuleCreateProps + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedQueryRuleCreateProps + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_ThresholdRuleCreateProps + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_ThreatMatchRuleCreateProps + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_MachineLearningRuleCreateProps + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_NewTermsRuleCreateProps + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_EsqlRuleCreateProps + discriminator: + propertyName: type + Security_Solution_Detections_API_RuleDescription: + minLength: 1 + type: string + Security_Solution_Detections_API_RuleDetailsInError: + type: object + properties: + id: + type: string + name: + type: string + required: + - id + Security_Solution_Detections_API_RuleExceptionList: + type: object + properties: + id: + $ref: '#/components/schemas/Security_Solution_Detections_API_NonEmptyString' + description: ID of the exception container + list_id: + $ref: '#/components/schemas/Security_Solution_Detections_API_NonEmptyString' + description: List ID of the exception container + namespace_type: + description: Determines the exceptions validity in rule's Kibana space + enum: + - agnostic + - single + type: string + type: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_ExceptionListType + required: + - id + - list_id + - type + - namespace_type + Security_Solution_Detections_API_RuleExecutionMetrics: + type: object + properties: + execution_gap_duration_s: + description: Duration in seconds of execution gap + minimum: 0 + type: integer + total_enrichment_duration_ms: + description: >- + Total time spent enriching documents during current rule execution + cycle + minimum: 0 + type: integer + total_indexing_duration_ms: + description: >- + Total time spent indexing documents during current rule execution + cycle + minimum: 0 + type: integer + total_search_duration_ms: + description: >- + Total time spent performing ES searches as measured by Kibana; + includes network latency and time spent serializing/deserializing + request/response + minimum: 0 + type: integer + Security_Solution_Detections_API_RuleExecutionStatus: + description: >- + Custom execution status of Security rules that is different from the + status used in the Alerting Framework. We merge our custom status with + the Framework's status to determine the resulting status of a rule. + + - going to run - @deprecated Replaced by the 'running' status but left + for backwards compatibility with rule execution events already written + to Event Log in the prior versions of Kibana. Don't use when writing + rule status changes. + + - running - Rule execution started but not reached any intermediate or + final status. + + - partial failure - Rule can partially fail for various reasons either + in the middle of an execution (in this case we update its status right + away) or in the end of it. So currently this status can be both + intermediate and final at the same time. A typical reason for a partial + failure: not all the indices that the rule searches over actually exist. + + - failed - Rule failed to execute due to unhandled exception or a reason + defined in the business logic of its executor function. + + - succeeded - Rule executed successfully without any issues. Note: this + status is just an indication of a rule's "health". The rule might or + might not generate any alerts despite of it. + enum: + - going to run + - running + - partial failure + - failed + - succeeded + type: string + Security_Solution_Detections_API_RuleExecutionStatusOrder: + type: integer + Security_Solution_Detections_API_RuleExecutionSummary: + type: object + properties: + last_execution: + type: object + properties: + date: + description: Date of the last execution + format: date-time + type: string + message: + type: string + metrics: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleExecutionMetrics + status: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleExecutionStatus + description: Status of the last execution + status_order: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleExecutionStatusOrder + required: + - date + - status + - status_order + - message + - metrics + required: + - last_execution + Security_Solution_Detections_API_RuleFalsePositiveArray: + items: + type: string + type: array + Security_Solution_Detections_API_RuleFilterArray: + items: {} + type: array + Security_Solution_Detections_API_RuleInterval: + description: >- + Frequency of rule execution, using a date math range. For example, "1h" + means the rule runs every hour. Defaults to 5m (5 minutes). + type: string + Security_Solution_Detections_API_RuleIntervalFrom: + description: >- + Time from which data is analyzed each time the rule runs, using a date + math range. For example, now-4200s means the rule analyzes data from 70 + minutes before its start time. Defaults to now-6m (analyzes data from 6 + minutes before the start time). + format: date-math + type: string + Security_Solution_Detections_API_RuleIntervalTo: + type: string + Security_Solution_Detections_API_RuleLicense: + description: The rule's license. + type: string + Security_Solution_Detections_API_RuleMetadata: + additionalProperties: true + type: object + Security_Solution_Detections_API_RuleName: + minLength: 1 + type: string + Security_Solution_Detections_API_RuleNameOverride: + description: Sets the source field for the alert's signal.rule.name value + type: string + Security_Solution_Detections_API_RuleObjectId: + $ref: '#/components/schemas/Security_Solution_Detections_API_UUID' + Security_Solution_Detections_API_RulePatchProps: + anyOf: + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_EqlRulePatchProps + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_QueryRulePatchProps + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedQueryRulePatchProps + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_ThresholdRulePatchProps + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_ThreatMatchRulePatchProps + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_MachineLearningRulePatchProps + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_NewTermsRulePatchProps + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_EsqlRulePatchProps + Security_Solution_Detections_API_RulePreviewLoggedRequest: + type: object + properties: + description: + $ref: '#/components/schemas/Security_Solution_Detections_API_NonEmptyString' + duration: + type: integer + request: + $ref: '#/components/schemas/Security_Solution_Detections_API_NonEmptyString' + required: + - request + Security_Solution_Detections_API_RulePreviewLogs: + type: object + properties: + duration: + description: Execution duration in milliseconds + type: integer + errors: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_NonEmptyString + type: array + requests: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RulePreviewLoggedRequest + type: array + startedAt: + $ref: '#/components/schemas/Security_Solution_Detections_API_NonEmptyString' + warnings: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_NonEmptyString + type: array + required: + - errors + - warnings + - duration + Security_Solution_Detections_API_RulePreviewParams: + type: object + properties: + invocationCount: + type: integer + timeframeEnd: + format: date-time + type: string + required: + - invocationCount + - timeframeEnd + Security_Solution_Detections_API_RuleQuery: + type: string + Security_Solution_Detections_API_RuleReferenceArray: + items: + type: string + type: array + Security_Solution_Detections_API_RuleResponse: + anyOf: + - $ref: '#/components/schemas/Security_Solution_Detections_API_EqlRule' + - $ref: '#/components/schemas/Security_Solution_Detections_API_QueryRule' + - $ref: '#/components/schemas/Security_Solution_Detections_API_SavedQueryRule' + - $ref: '#/components/schemas/Security_Solution_Detections_API_ThresholdRule' + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_ThreatMatchRule + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_MachineLearningRule + - $ref: '#/components/schemas/Security_Solution_Detections_API_NewTermsRule' + - $ref: '#/components/schemas/Security_Solution_Detections_API_EsqlRule' + discriminator: + propertyName: type + Security_Solution_Detections_API_RuleSignatureId: + description: Could be any string, not necessarily a UUID + type: string + Security_Solution_Detections_API_RuleSource: + description: >- + Discriminated union that determines whether the rule is internally + sourced (created within the Kibana app) or has an external source, such + as the Elastic Prebuilt rules repo. + discriminator: + propertyName: type + oneOf: + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_ExternalRuleSource + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_InternalRuleSource + Security_Solution_Detections_API_RuleTagArray: + description: >- + String array containing words and phrases to help categorize, filter, + and search rules. Defaults to an empty array. + items: + type: string + type: array + Security_Solution_Detections_API_RuleUpdateProps: + anyOf: + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_EqlRuleUpdateProps + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_QueryRuleUpdateProps + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedQueryRuleUpdateProps + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_ThresholdRuleUpdateProps + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_ThreatMatchRuleUpdateProps + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_MachineLearningRuleUpdateProps + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_NewTermsRuleUpdateProps + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_EsqlRuleUpdateProps + discriminator: + propertyName: type + Security_Solution_Detections_API_RuleVersion: + description: The rule's version number. + minimum: 1 + type: integer + Security_Solution_Detections_API_SavedObjectResolveAliasPurpose: + enum: + - savedObjectConversion + - savedObjectImport + type: string + Security_Solution_Detections_API_SavedObjectResolveAliasTargetId: + type: string + Security_Solution_Detections_API_SavedObjectResolveOutcome: + enum: + - exactMatch + - aliasMatch + - conflict + type: string + Security_Solution_Detections_API_SavedQueryId: + type: string + Security_Solution_Detections_API_SavedQueryRule: + allOf: + - type: object + properties: + actions: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleAction + type: array + alias_purpose: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveAliasPurpose + alias_target_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveAliasTargetId + author: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleAuthorArray + building_block_type: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_BuildingBlockType + description: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleDescription + enabled: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_IsRuleEnabled + exceptions_list: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleExceptionList + type: array + false_positives: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleFalsePositiveArray + from: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleIntervalFrom + interval: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleInterval + investigation_fields: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_InvestigationFields + license: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleLicense + max_signals: + $ref: '#/components/schemas/Security_Solution_Detections_API_MaxSignals' + meta: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleMetadata + name: + $ref: '#/components/schemas/Security_Solution_Detections_API_RuleName' + namespace: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertsIndexNamespace + note: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_InvestigationGuide + outcome: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveOutcome + output_index: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertsIndex + references: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleReferenceArray + related_integrations: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RelatedIntegrationArray + required_fields: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RequiredFieldInput + type: array + risk_score: + $ref: '#/components/schemas/Security_Solution_Detections_API_RiskScore' + risk_score_mapping: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RiskScoreMapping + rule_name_override: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleNameOverride + setup: + $ref: '#/components/schemas/Security_Solution_Detections_API_SetupGuide' + severity: + $ref: '#/components/schemas/Security_Solution_Detections_API_Severity' + severity_mapping: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SeverityMapping + tags: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleTagArray + threat: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_ThreatArray + throttle: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleActionThrottle + timeline_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimelineTemplateId + timeline_title: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimelineTemplateTitle + timestamp_override: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimestampOverride + timestamp_override_fallback_disabled: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimestampOverrideFallbackDisabled + to: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleIntervalTo + version: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleVersion + required: + - name + - description + - risk_score + - severity + - version + - tags + - enabled + - risk_score_mapping + - severity_mapping + - interval + - from + - to + - actions + - exceptions_list + - author + - false_positives + - references + - max_signals + - threat + - setup + - related_integrations + - required_fields + - $ref: '#/components/schemas/Security_Solution_Detections_API_ResponseFields' + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedQueryRuleResponseFields + Security_Solution_Detections_API_SavedQueryRuleCreateFields: + allOf: + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedQueryRuleRequiredFields + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedQueryRuleOptionalFields + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedQueryRuleDefaultableFields + Security_Solution_Detections_API_SavedQueryRuleCreateProps: + allOf: + - type: object + properties: + actions: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleAction + type: array + alias_purpose: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveAliasPurpose + alias_target_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveAliasTargetId + author: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleAuthorArray + building_block_type: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_BuildingBlockType + description: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleDescription + enabled: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_IsRuleEnabled + exceptions_list: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleExceptionList + type: array + false_positives: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleFalsePositiveArray + from: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleIntervalFrom + interval: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleInterval + investigation_fields: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_InvestigationFields + license: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleLicense + max_signals: + $ref: '#/components/schemas/Security_Solution_Detections_API_MaxSignals' + meta: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleMetadata + name: + $ref: '#/components/schemas/Security_Solution_Detections_API_RuleName' + namespace: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertsIndexNamespace + note: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_InvestigationGuide + outcome: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveOutcome + output_index: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertsIndex + references: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleReferenceArray + related_integrations: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RelatedIntegrationArray + required_fields: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RequiredFieldInput + type: array + risk_score: + $ref: '#/components/schemas/Security_Solution_Detections_API_RiskScore' + risk_score_mapping: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RiskScoreMapping + rule_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleSignatureId + rule_name_override: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleNameOverride + setup: + $ref: '#/components/schemas/Security_Solution_Detections_API_SetupGuide' + severity: + $ref: '#/components/schemas/Security_Solution_Detections_API_Severity' + severity_mapping: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SeverityMapping + tags: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleTagArray + threat: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_ThreatArray + throttle: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleActionThrottle + timeline_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimelineTemplateId + timeline_title: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimelineTemplateTitle + timestamp_override: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimestampOverride + timestamp_override_fallback_disabled: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimestampOverrideFallbackDisabled + to: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleIntervalTo + version: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleVersion + required: + - name + - description + - risk_score + - severity + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedQueryRuleCreateFields + Security_Solution_Detections_API_SavedQueryRuleDefaultableFields: + type: object + properties: + language: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_KqlQueryLanguage + Security_Solution_Detections_API_SavedQueryRuleOptionalFields: + type: object + properties: + alert_suppression: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertSuppression + data_view_id: + $ref: '#/components/schemas/Security_Solution_Detections_API_DataViewId' + filters: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleFilterArray + index: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_IndexPatternArray + query: + $ref: '#/components/schemas/Security_Solution_Detections_API_RuleQuery' + response_actions: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_ResponseAction + type: array + Security_Solution_Detections_API_SavedQueryRulePatchFields: + allOf: + - type: object + properties: + saved_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedQueryId + type: + description: Rule type + enum: + - saved_query + type: string + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedQueryRuleOptionalFields + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedQueryRuleDefaultableFields + Security_Solution_Detections_API_SavedQueryRulePatchProps: + allOf: + - type: object + properties: + actions: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleAction + type: array + alias_purpose: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveAliasPurpose + alias_target_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveAliasTargetId + author: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleAuthorArray + building_block_type: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_BuildingBlockType + description: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleDescription + enabled: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_IsRuleEnabled + exceptions_list: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleExceptionList + type: array + false_positives: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleFalsePositiveArray + from: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleIntervalFrom + id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleObjectId + interval: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleInterval + investigation_fields: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_InvestigationFields + license: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleLicense + max_signals: + $ref: '#/components/schemas/Security_Solution_Detections_API_MaxSignals' + meta: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleMetadata + name: + $ref: '#/components/schemas/Security_Solution_Detections_API_RuleName' + namespace: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertsIndexNamespace + note: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_InvestigationGuide + outcome: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveOutcome + output_index: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertsIndex + references: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleReferenceArray + related_integrations: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RelatedIntegrationArray + required_fields: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RequiredFieldInput + type: array + risk_score: + $ref: '#/components/schemas/Security_Solution_Detections_API_RiskScore' + risk_score_mapping: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RiskScoreMapping + rule_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleSignatureId + rule_name_override: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleNameOverride + setup: + $ref: '#/components/schemas/Security_Solution_Detections_API_SetupGuide' + severity: + $ref: '#/components/schemas/Security_Solution_Detections_API_Severity' + severity_mapping: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SeverityMapping + tags: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleTagArray + threat: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_ThreatArray + throttle: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleActionThrottle + timeline_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimelineTemplateId + timeline_title: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimelineTemplateTitle + timestamp_override: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimestampOverride + timestamp_override_fallback_disabled: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimestampOverrideFallbackDisabled + to: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleIntervalTo + version: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleVersion + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedQueryRulePatchFields + Security_Solution_Detections_API_SavedQueryRuleRequiredFields: + type: object + properties: + saved_id: + $ref: '#/components/schemas/Security_Solution_Detections_API_SavedQueryId' + type: + description: Rule type + enum: + - saved_query + type: string + required: + - type + - saved_id + Security_Solution_Detections_API_SavedQueryRuleResponseFields: + allOf: + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedQueryRuleRequiredFields + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedQueryRuleOptionalFields + - type: object + properties: + language: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_KqlQueryLanguage + required: + - language + Security_Solution_Detections_API_SavedQueryRuleUpdateProps: + allOf: + - type: object + properties: + actions: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleAction + type: array + alias_purpose: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveAliasPurpose + alias_target_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveAliasTargetId + author: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleAuthorArray + building_block_type: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_BuildingBlockType + description: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleDescription + enabled: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_IsRuleEnabled + exceptions_list: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleExceptionList + type: array + false_positives: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleFalsePositiveArray + from: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleIntervalFrom + id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleObjectId + interval: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleInterval + investigation_fields: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_InvestigationFields + license: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleLicense + max_signals: + $ref: '#/components/schemas/Security_Solution_Detections_API_MaxSignals' + meta: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleMetadata + name: + $ref: '#/components/schemas/Security_Solution_Detections_API_RuleName' + namespace: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertsIndexNamespace + note: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_InvestigationGuide + outcome: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveOutcome + output_index: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertsIndex + references: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleReferenceArray + related_integrations: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RelatedIntegrationArray + required_fields: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RequiredFieldInput + type: array + risk_score: + $ref: '#/components/schemas/Security_Solution_Detections_API_RiskScore' + risk_score_mapping: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RiskScoreMapping + rule_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleSignatureId + rule_name_override: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleNameOverride + setup: + $ref: '#/components/schemas/Security_Solution_Detections_API_SetupGuide' + severity: + $ref: '#/components/schemas/Security_Solution_Detections_API_Severity' + severity_mapping: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SeverityMapping + tags: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleTagArray + threat: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_ThreatArray + throttle: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleActionThrottle + timeline_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimelineTemplateId + timeline_title: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimelineTemplateTitle + timestamp_override: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimestampOverride + timestamp_override_fallback_disabled: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimestampOverrideFallbackDisabled + to: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleIntervalTo + version: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleVersion + required: + - name + - description + - risk_score + - severity + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedQueryRuleCreateFields + Security_Solution_Detections_API_SetAlertsStatusByIds: + type: object + properties: + signal_ids: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_NonEmptyString + minItems: 1 + type: array + status: + $ref: '#/components/schemas/Security_Solution_Detections_API_AlertStatus' + required: + - signal_ids + - status + Security_Solution_Detections_API_SetAlertsStatusByQuery: + type: object + properties: + conflicts: + default: abort + enum: + - abort + - proceed + type: string + query: + additionalProperties: true + type: object + status: + $ref: '#/components/schemas/Security_Solution_Detections_API_AlertStatus' + required: + - query + - status + Security_Solution_Detections_API_SetAlertTags: + type: object + properties: + tags_to_add: + $ref: '#/components/schemas/Security_Solution_Detections_API_AlertTags' + tags_to_remove: + $ref: '#/components/schemas/Security_Solution_Detections_API_AlertTags' + required: + - tags_to_add + - tags_to_remove + Security_Solution_Detections_API_SetupGuide: + type: string + Security_Solution_Detections_API_Severity: + description: Severity of the rule + enum: + - low + - medium + - high + - critical + type: string + Security_Solution_Detections_API_SeverityMapping: + description: Overrides generated alerts' severity with values from the source event + items: + type: object + properties: + field: + type: string + operator: + enum: + - equals + type: string + severity: + $ref: '#/components/schemas/Security_Solution_Detections_API_Severity' + value: + type: string + required: + - field + - operator + - severity + - value + type: array + Security_Solution_Detections_API_SiemErrorResponse: + type: object + properties: + message: + type: string + status_code: + type: integer + required: + - status_code + - message + Security_Solution_Detections_API_SortOrder: + enum: + - asc + - desc + type: string + Security_Solution_Detections_API_Threat: + type: object + properties: + framework: + description: Relevant attack framework + type: string + tactic: + $ref: '#/components/schemas/Security_Solution_Detections_API_ThreatTactic' + technique: + description: Array containing information on the attack techniques (optional) + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_ThreatTechnique + type: array + required: + - framework + - tactic + Security_Solution_Detections_API_ThreatArray: + items: + $ref: '#/components/schemas/Security_Solution_Detections_API_Threat' + type: array + Security_Solution_Detections_API_ThreatFilters: + items: + description: >- + Query and filter context array used to filter documents from the + Elasticsearch index containing the threat values + type: array + Security_Solution_Detections_API_ThreatIndex: + items: + type: string + type: array + Security_Solution_Detections_API_ThreatIndicatorPath: + description: >- + Defines the path to the threat indicator in the indicator documents + (optional) + type: string + Security_Solution_Detections_API_ThreatMapping: + items: + type: object + properties: + entries: + items: + type: object + properties: + field: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_NonEmptyString + type: + enum: + - mapping + type: string + value: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_NonEmptyString + required: + - field + - type + - value + type: array + required: + - entries + minItems: 1 + type: array + Security_Solution_Detections_API_ThreatMatchRule: + allOf: + - type: object + properties: + actions: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleAction + type: array + alias_purpose: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveAliasPurpose + alias_target_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveAliasTargetId + author: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleAuthorArray + building_block_type: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_BuildingBlockType + description: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleDescription + enabled: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_IsRuleEnabled + exceptions_list: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleExceptionList + type: array + false_positives: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleFalsePositiveArray + from: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleIntervalFrom + interval: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleInterval + investigation_fields: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_InvestigationFields + license: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleLicense + max_signals: + $ref: '#/components/schemas/Security_Solution_Detections_API_MaxSignals' + meta: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleMetadata + name: + $ref: '#/components/schemas/Security_Solution_Detections_API_RuleName' + namespace: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertsIndexNamespace + note: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_InvestigationGuide + outcome: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveOutcome + output_index: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertsIndex + references: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleReferenceArray + related_integrations: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RelatedIntegrationArray + required_fields: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RequiredFieldInput + type: array + risk_score: + $ref: '#/components/schemas/Security_Solution_Detections_API_RiskScore' + risk_score_mapping: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RiskScoreMapping + rule_name_override: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleNameOverride + setup: + $ref: '#/components/schemas/Security_Solution_Detections_API_SetupGuide' + severity: + $ref: '#/components/schemas/Security_Solution_Detections_API_Severity' + severity_mapping: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SeverityMapping + tags: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleTagArray + threat: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_ThreatArray + throttle: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleActionThrottle + timeline_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimelineTemplateId + timeline_title: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimelineTemplateTitle + timestamp_override: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimestampOverride + timestamp_override_fallback_disabled: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimestampOverrideFallbackDisabled + to: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleIntervalTo + version: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleVersion + required: + - name + - description + - risk_score + - severity + - version + - tags + - enabled + - risk_score_mapping + - severity_mapping + - interval + - from + - to + - actions + - exceptions_list + - author + - false_positives + - references + - max_signals + - threat + - setup + - related_integrations + - required_fields + - $ref: '#/components/schemas/Security_Solution_Detections_API_ResponseFields' + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_ThreatMatchRuleResponseFields + Security_Solution_Detections_API_ThreatMatchRuleCreateFields: + allOf: + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_ThreatMatchRuleRequiredFields + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_ThreatMatchRuleOptionalFields + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_ThreatMatchRuleDefaultableFields + Security_Solution_Detections_API_ThreatMatchRuleCreateProps: + allOf: + - type: object + properties: + actions: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleAction + type: array + alias_purpose: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveAliasPurpose + alias_target_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveAliasTargetId + author: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleAuthorArray + building_block_type: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_BuildingBlockType + description: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleDescription + enabled: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_IsRuleEnabled + exceptions_list: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleExceptionList + type: array + false_positives: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleFalsePositiveArray + from: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleIntervalFrom + interval: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleInterval + investigation_fields: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_InvestigationFields + license: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleLicense + max_signals: + $ref: '#/components/schemas/Security_Solution_Detections_API_MaxSignals' + meta: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleMetadata + name: + $ref: '#/components/schemas/Security_Solution_Detections_API_RuleName' + namespace: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertsIndexNamespace + note: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_InvestigationGuide + outcome: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveOutcome + output_index: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertsIndex + references: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleReferenceArray + related_integrations: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RelatedIntegrationArray + required_fields: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RequiredFieldInput + type: array + risk_score: + $ref: '#/components/schemas/Security_Solution_Detections_API_RiskScore' + risk_score_mapping: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RiskScoreMapping + rule_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleSignatureId + rule_name_override: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleNameOverride + setup: + $ref: '#/components/schemas/Security_Solution_Detections_API_SetupGuide' + severity: + $ref: '#/components/schemas/Security_Solution_Detections_API_Severity' + severity_mapping: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SeverityMapping + tags: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleTagArray + threat: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_ThreatArray + throttle: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleActionThrottle + timeline_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimelineTemplateId + timeline_title: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimelineTemplateTitle + timestamp_override: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimestampOverride + timestamp_override_fallback_disabled: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimestampOverrideFallbackDisabled + to: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleIntervalTo + version: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleVersion + required: + - name + - description + - risk_score + - severity + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_ThreatMatchRuleCreateFields + Security_Solution_Detections_API_ThreatMatchRuleDefaultableFields: + type: object + properties: + language: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_KqlQueryLanguage + Security_Solution_Detections_API_ThreatMatchRuleOptionalFields: + type: object + properties: + alert_suppression: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertSuppression + concurrent_searches: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_ConcurrentSearches + data_view_id: + $ref: '#/components/schemas/Security_Solution_Detections_API_DataViewId' + filters: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleFilterArray + index: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_IndexPatternArray + items_per_search: + $ref: '#/components/schemas/Security_Solution_Detections_API_ItemsPerSearch' + saved_id: + $ref: '#/components/schemas/Security_Solution_Detections_API_SavedQueryId' + threat_filters: + $ref: '#/components/schemas/Security_Solution_Detections_API_ThreatFilters' + threat_indicator_path: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_ThreatIndicatorPath + threat_language: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_KqlQueryLanguage + Security_Solution_Detections_API_ThreatMatchRulePatchFields: + allOf: + - type: object + properties: + query: + $ref: '#/components/schemas/Security_Solution_Detections_API_RuleQuery' + threat_index: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_ThreatIndex + threat_mapping: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_ThreatMapping + threat_query: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_ThreatQuery + type: + description: Rule type + enum: + - threat_match + type: string + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_ThreatMatchRuleOptionalFields + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_ThreatMatchRuleDefaultableFields + Security_Solution_Detections_API_ThreatMatchRulePatchProps: + allOf: + - type: object + properties: + actions: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleAction + type: array + alias_purpose: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveAliasPurpose + alias_target_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveAliasTargetId + author: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleAuthorArray + building_block_type: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_BuildingBlockType + description: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleDescription + enabled: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_IsRuleEnabled + exceptions_list: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleExceptionList + type: array + false_positives: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleFalsePositiveArray + from: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleIntervalFrom + id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleObjectId + interval: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleInterval + investigation_fields: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_InvestigationFields + license: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleLicense + max_signals: + $ref: '#/components/schemas/Security_Solution_Detections_API_MaxSignals' + meta: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleMetadata + name: + $ref: '#/components/schemas/Security_Solution_Detections_API_RuleName' + namespace: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertsIndexNamespace + note: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_InvestigationGuide + outcome: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveOutcome + output_index: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertsIndex + references: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleReferenceArray + related_integrations: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RelatedIntegrationArray + required_fields: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RequiredFieldInput + type: array + risk_score: + $ref: '#/components/schemas/Security_Solution_Detections_API_RiskScore' + risk_score_mapping: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RiskScoreMapping + rule_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleSignatureId + rule_name_override: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleNameOverride + setup: + $ref: '#/components/schemas/Security_Solution_Detections_API_SetupGuide' + severity: + $ref: '#/components/schemas/Security_Solution_Detections_API_Severity' + severity_mapping: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SeverityMapping + tags: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleTagArray + threat: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_ThreatArray + throttle: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleActionThrottle + timeline_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimelineTemplateId + timeline_title: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimelineTemplateTitle + timestamp_override: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimestampOverride + timestamp_override_fallback_disabled: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimestampOverrideFallbackDisabled + to: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleIntervalTo + version: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleVersion + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_ThreatMatchRulePatchFields + Security_Solution_Detections_API_ThreatMatchRuleRequiredFields: + type: object + properties: + query: + $ref: '#/components/schemas/Security_Solution_Detections_API_RuleQuery' + threat_index: + $ref: '#/components/schemas/Security_Solution_Detections_API_ThreatIndex' + threat_mapping: + $ref: '#/components/schemas/Security_Solution_Detections_API_ThreatMapping' + threat_query: + $ref: '#/components/schemas/Security_Solution_Detections_API_ThreatQuery' + type: + description: Rule type + enum: + - threat_match + type: string + required: + - type + - query + - threat_query + - threat_mapping + - threat_index + Security_Solution_Detections_API_ThreatMatchRuleResponseFields: + allOf: + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_ThreatMatchRuleRequiredFields + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_ThreatMatchRuleOptionalFields + - type: object + properties: + language: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_KqlQueryLanguage + required: + - language + Security_Solution_Detections_API_ThreatMatchRuleUpdateProps: + allOf: + - type: object + properties: + actions: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleAction + type: array + alias_purpose: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveAliasPurpose + alias_target_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveAliasTargetId + author: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleAuthorArray + building_block_type: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_BuildingBlockType + description: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleDescription + enabled: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_IsRuleEnabled + exceptions_list: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleExceptionList + type: array + false_positives: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleFalsePositiveArray + from: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleIntervalFrom + id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleObjectId + interval: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleInterval + investigation_fields: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_InvestigationFields + license: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleLicense + max_signals: + $ref: '#/components/schemas/Security_Solution_Detections_API_MaxSignals' + meta: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleMetadata + name: + $ref: '#/components/schemas/Security_Solution_Detections_API_RuleName' + namespace: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertsIndexNamespace + note: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_InvestigationGuide + outcome: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveOutcome + output_index: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertsIndex + references: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleReferenceArray + related_integrations: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RelatedIntegrationArray + required_fields: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RequiredFieldInput + type: array + risk_score: + $ref: '#/components/schemas/Security_Solution_Detections_API_RiskScore' + risk_score_mapping: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RiskScoreMapping + rule_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleSignatureId + rule_name_override: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleNameOverride + setup: + $ref: '#/components/schemas/Security_Solution_Detections_API_SetupGuide' + severity: + $ref: '#/components/schemas/Security_Solution_Detections_API_Severity' + severity_mapping: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SeverityMapping + tags: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleTagArray + threat: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_ThreatArray + throttle: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleActionThrottle + timeline_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimelineTemplateId + timeline_title: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimelineTemplateTitle + timestamp_override: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimestampOverride + timestamp_override_fallback_disabled: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimestampOverrideFallbackDisabled + to: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleIntervalTo + version: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleVersion + required: + - name + - description + - risk_score + - severity + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_ThreatMatchRuleCreateFields + Security_Solution_Detections_API_ThreatQuery: + description: Query to run + type: string + Security_Solution_Detections_API_ThreatSubtechnique: + type: object + properties: + id: + description: Subtechnique ID + type: string + name: + description: Subtechnique name + type: string + reference: + description: Subtechnique reference + type: string + required: + - id + - name + - reference + Security_Solution_Detections_API_ThreatTactic: + type: object + properties: + id: + description: Tactic ID + type: string + name: + description: Tactic name + type: string + reference: + description: Tactic reference + type: string + required: + - id + - name + - reference + Security_Solution_Detections_API_ThreatTechnique: + type: object + properties: + id: + description: Technique ID + type: string + name: + description: Technique name + type: string + reference: + description: Technique reference + type: string + subtechnique: + description: Array containing more specific information on the attack technique + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_ThreatSubtechnique + type: array + required: + - id + - name + - reference + Security_Solution_Detections_API_Threshold: + type: object + properties: + cardinality: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_ThresholdCardinality + field: + $ref: '#/components/schemas/Security_Solution_Detections_API_ThresholdField' + value: + $ref: '#/components/schemas/Security_Solution_Detections_API_ThresholdValue' + required: + - field + - value + Security_Solution_Detections_API_ThresholdAlertSuppression: + type: object + properties: + duration: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertSuppressionDuration + required: + - duration + Security_Solution_Detections_API_ThresholdCardinality: + items: + type: object + properties: + field: + type: string + value: + minimum: 0 + type: integer + required: + - field + - value + type: array + Security_Solution_Detections_API_ThresholdField: + description: Field to aggregate on + oneOf: + - type: string + - items: + type: string + type: array + Security_Solution_Detections_API_ThresholdRule: + allOf: + - type: object + properties: + actions: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleAction + type: array + alias_purpose: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveAliasPurpose + alias_target_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveAliasTargetId + author: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleAuthorArray + building_block_type: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_BuildingBlockType + description: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleDescription + enabled: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_IsRuleEnabled + exceptions_list: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleExceptionList + type: array + false_positives: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleFalsePositiveArray + from: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleIntervalFrom + interval: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleInterval + investigation_fields: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_InvestigationFields + license: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleLicense + max_signals: + $ref: '#/components/schemas/Security_Solution_Detections_API_MaxSignals' + meta: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleMetadata + name: + $ref: '#/components/schemas/Security_Solution_Detections_API_RuleName' + namespace: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertsIndexNamespace + note: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_InvestigationGuide + outcome: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveOutcome + output_index: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertsIndex + references: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleReferenceArray + related_integrations: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RelatedIntegrationArray + required_fields: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RequiredFieldInput + type: array + risk_score: + $ref: '#/components/schemas/Security_Solution_Detections_API_RiskScore' + risk_score_mapping: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RiskScoreMapping + rule_name_override: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleNameOverride + setup: + $ref: '#/components/schemas/Security_Solution_Detections_API_SetupGuide' + severity: + $ref: '#/components/schemas/Security_Solution_Detections_API_Severity' + severity_mapping: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SeverityMapping + tags: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleTagArray + threat: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_ThreatArray + throttle: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleActionThrottle + timeline_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimelineTemplateId + timeline_title: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimelineTemplateTitle + timestamp_override: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimestampOverride + timestamp_override_fallback_disabled: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimestampOverrideFallbackDisabled + to: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleIntervalTo + version: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleVersion + required: + - name + - description + - risk_score + - severity + - version + - tags + - enabled + - risk_score_mapping + - severity_mapping + - interval + - from + - to + - actions + - exceptions_list + - author + - false_positives + - references + - max_signals + - threat + - setup + - related_integrations + - required_fields + - $ref: '#/components/schemas/Security_Solution_Detections_API_ResponseFields' + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_ThresholdRuleResponseFields + Security_Solution_Detections_API_ThresholdRuleCreateFields: + allOf: + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_ThresholdRuleRequiredFields + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_ThresholdRuleOptionalFields + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_ThresholdRuleDefaultableFields + Security_Solution_Detections_API_ThresholdRuleCreateProps: + allOf: + - type: object + properties: + actions: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleAction + type: array + alias_purpose: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveAliasPurpose + alias_target_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveAliasTargetId + author: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleAuthorArray + building_block_type: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_BuildingBlockType + description: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleDescription + enabled: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_IsRuleEnabled + exceptions_list: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleExceptionList + type: array + false_positives: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleFalsePositiveArray + from: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleIntervalFrom + interval: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleInterval + investigation_fields: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_InvestigationFields + license: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleLicense + max_signals: + $ref: '#/components/schemas/Security_Solution_Detections_API_MaxSignals' + meta: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleMetadata + name: + $ref: '#/components/schemas/Security_Solution_Detections_API_RuleName' + namespace: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertsIndexNamespace + note: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_InvestigationGuide + outcome: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveOutcome + output_index: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertsIndex + references: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleReferenceArray + related_integrations: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RelatedIntegrationArray + required_fields: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RequiredFieldInput + type: array + risk_score: + $ref: '#/components/schemas/Security_Solution_Detections_API_RiskScore' + risk_score_mapping: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RiskScoreMapping + rule_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleSignatureId + rule_name_override: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleNameOverride + setup: + $ref: '#/components/schemas/Security_Solution_Detections_API_SetupGuide' + severity: + $ref: '#/components/schemas/Security_Solution_Detections_API_Severity' + severity_mapping: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SeverityMapping + tags: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleTagArray + threat: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_ThreatArray + throttle: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleActionThrottle + timeline_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimelineTemplateId + timeline_title: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimelineTemplateTitle + timestamp_override: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimestampOverride + timestamp_override_fallback_disabled: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimestampOverrideFallbackDisabled + to: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleIntervalTo + version: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleVersion + required: + - name + - description + - risk_score + - severity + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_ThresholdRuleCreateFields + Security_Solution_Detections_API_ThresholdRuleDefaultableFields: + type: object + properties: + language: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_KqlQueryLanguage + Security_Solution_Detections_API_ThresholdRuleOptionalFields: + type: object + properties: + alert_suppression: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_ThresholdAlertSuppression + data_view_id: + $ref: '#/components/schemas/Security_Solution_Detections_API_DataViewId' + filters: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleFilterArray + index: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_IndexPatternArray + saved_id: + $ref: '#/components/schemas/Security_Solution_Detections_API_SavedQueryId' + Security_Solution_Detections_API_ThresholdRulePatchFields: + allOf: + - type: object + properties: + query: + $ref: '#/components/schemas/Security_Solution_Detections_API_RuleQuery' + threshold: + $ref: '#/components/schemas/Security_Solution_Detections_API_Threshold' + type: + description: Rule type + enum: + - threshold + type: string + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_ThresholdRuleOptionalFields + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_ThresholdRuleDefaultableFields + Security_Solution_Detections_API_ThresholdRulePatchProps: + allOf: + - type: object + properties: + actions: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleAction + type: array + alias_purpose: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveAliasPurpose + alias_target_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveAliasTargetId + author: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleAuthorArray + building_block_type: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_BuildingBlockType + description: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleDescription + enabled: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_IsRuleEnabled + exceptions_list: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleExceptionList + type: array + false_positives: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleFalsePositiveArray + from: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleIntervalFrom + id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleObjectId + interval: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleInterval + investigation_fields: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_InvestigationFields + license: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleLicense + max_signals: + $ref: '#/components/schemas/Security_Solution_Detections_API_MaxSignals' + meta: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleMetadata + name: + $ref: '#/components/schemas/Security_Solution_Detections_API_RuleName' + namespace: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertsIndexNamespace + note: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_InvestigationGuide + outcome: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveOutcome + output_index: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertsIndex + references: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleReferenceArray + related_integrations: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RelatedIntegrationArray + required_fields: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RequiredFieldInput + type: array + risk_score: + $ref: '#/components/schemas/Security_Solution_Detections_API_RiskScore' + risk_score_mapping: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RiskScoreMapping + rule_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleSignatureId + rule_name_override: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleNameOverride + setup: + $ref: '#/components/schemas/Security_Solution_Detections_API_SetupGuide' + severity: + $ref: '#/components/schemas/Security_Solution_Detections_API_Severity' + severity_mapping: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SeverityMapping + tags: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleTagArray + threat: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_ThreatArray + throttle: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleActionThrottle + timeline_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimelineTemplateId + timeline_title: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimelineTemplateTitle + timestamp_override: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimestampOverride + timestamp_override_fallback_disabled: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimestampOverrideFallbackDisabled + to: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleIntervalTo + version: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleVersion + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_ThresholdRulePatchFields + Security_Solution_Detections_API_ThresholdRuleRequiredFields: + type: object + properties: + query: + $ref: '#/components/schemas/Security_Solution_Detections_API_RuleQuery' + threshold: + $ref: '#/components/schemas/Security_Solution_Detections_API_Threshold' + type: + description: Rule type + enum: + - threshold + type: string + required: + - type + - query + - threshold + Security_Solution_Detections_API_ThresholdRuleResponseFields: + allOf: + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_ThresholdRuleRequiredFields + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_ThresholdRuleOptionalFields + - type: object + properties: + language: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_KqlQueryLanguage + required: + - language + Security_Solution_Detections_API_ThresholdRuleUpdateProps: + allOf: + - type: object + properties: + actions: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleAction + type: array + alias_purpose: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveAliasPurpose + alias_target_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveAliasTargetId + author: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleAuthorArray + building_block_type: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_BuildingBlockType + description: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleDescription + enabled: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_IsRuleEnabled + exceptions_list: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleExceptionList + type: array + false_positives: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleFalsePositiveArray + from: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleIntervalFrom + id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleObjectId + interval: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleInterval + investigation_fields: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_InvestigationFields + license: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleLicense + max_signals: + $ref: '#/components/schemas/Security_Solution_Detections_API_MaxSignals' + meta: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleMetadata + name: + $ref: '#/components/schemas/Security_Solution_Detections_API_RuleName' + namespace: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertsIndexNamespace + note: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_InvestigationGuide + outcome: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveOutcome + output_index: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertsIndex + references: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleReferenceArray + related_integrations: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RelatedIntegrationArray + required_fields: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RequiredFieldInput + type: array + risk_score: + $ref: '#/components/schemas/Security_Solution_Detections_API_RiskScore' + risk_score_mapping: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RiskScoreMapping + rule_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleSignatureId + rule_name_override: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleNameOverride + setup: + $ref: '#/components/schemas/Security_Solution_Detections_API_SetupGuide' + severity: + $ref: '#/components/schemas/Security_Solution_Detections_API_Severity' + severity_mapping: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SeverityMapping + tags: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleTagArray + threat: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_ThreatArray + throttle: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleActionThrottle + timeline_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimelineTemplateId + timeline_title: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimelineTemplateTitle + timestamp_override: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimestampOverride + timestamp_override_fallback_disabled: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimestampOverrideFallbackDisabled + to: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleIntervalTo + version: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleVersion + required: + - name + - description + - risk_score + - severity + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_ThresholdRuleCreateFields + Security_Solution_Detections_API_ThresholdValue: + description: Threshold value + minimum: 1 + type: integer + Security_Solution_Detections_API_ThrottleForBulkActions: + description: >- + The condition for throttling the notification: 'rule', 'no_actions', or + time duration + enum: + - rule + - 1h + - 1d + - 7d + type: string + Security_Solution_Detections_API_TiebreakerField: + description: Sets a secondary field for sorting events + type: string + Security_Solution_Detections_API_TimelineTemplateId: + description: Timeline template ID + type: string + Security_Solution_Detections_API_TimelineTemplateTitle: + description: Timeline template title + type: string + Security_Solution_Detections_API_TimestampField: + description: Contains the event timestamp used for sorting a sequence of events + type: string + Security_Solution_Detections_API_TimestampOverride: + description: Sets the time field used to query indices + type: string + Security_Solution_Detections_API_TimestampOverrideFallbackDisabled: + description: Disables the fallback to the event's @timestamp field + type: boolean + Security_Solution_Detections_API_UUID: + description: A universally unique identifier + format: uuid + type: string + Security_Solution_Detections_API_WarningSchema: + type: object + properties: + actionPath: + type: string + buttonLabel: + type: string + message: + type: string + type: + type: string + required: + - type + - message + - actionPath + Security_Solution_Endpoint_Exceptions_API_EndpointList: + oneOf: + - $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_ExceptionList + - additionalProperties: false + type: object + Security_Solution_Endpoint_Exceptions_API_EndpointListItem: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_ExceptionListItem + Security_Solution_Endpoint_Exceptions_API_ExceptionList: + type: object + properties: + _version: + type: string + created_at: + format: date-time + type: string + created_by: + type: string + description: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_ExceptionListDescription + id: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_ExceptionListId + immutable: + type: boolean + list_id: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_ExceptionListHumanId + meta: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_ExceptionListMeta + name: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_ExceptionListName + namespace_type: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_ExceptionNamespaceType + os_types: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_ExceptionListOsTypeArray + tags: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_ExceptionListTags + tie_breaker_id: + type: string + type: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_ExceptionListType + updated_at: + format: date-time + type: string + updated_by: + type: string + version: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_ExceptionListVersion + required: + - id + - list_id + - type + - name + - description + - immutable + - namespace_type + - version + - tie_breaker_id + - created_at + - created_by + - updated_at + - updated_by + Security_Solution_Endpoint_Exceptions_API_ExceptionListDescription: + type: string + Security_Solution_Endpoint_Exceptions_API_ExceptionListHumanId: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_NonEmptyString + description: Human readable string identifier, e.g. `trusted-linux-processes` + Security_Solution_Endpoint_Exceptions_API_ExceptionListId: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_NonEmptyString + Security_Solution_Endpoint_Exceptions_API_ExceptionListItem: + type: object + properties: + _version: + type: string + comments: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_ExceptionListItemCommentArray + created_at: + format: date-time + type: string + created_by: + type: string + description: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_ExceptionListItemDescription + entries: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_ExceptionListItemEntryArray + expire_time: + format: date-time + type: string + id: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_ExceptionListItemId + item_id: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_ExceptionListItemHumanId + list_id: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_ExceptionListHumanId + meta: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_ExceptionListItemMeta + name: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_ExceptionListItemName + namespace_type: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_ExceptionNamespaceType + os_types: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_ExceptionListItemOsTypeArray + tags: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_ExceptionListItemTags + tie_breaker_id: + type: string + type: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_ExceptionListItemType + updated_at: + format: date-time + type: string + updated_by: + type: string + required: + - id + - item_id + - list_id + - type + - name + - description + - entries + - namespace_type + - comments + - tie_breaker_id + - created_at + - created_by + - updated_at + - updated_by + Security_Solution_Endpoint_Exceptions_API_ExceptionListItemComment: + type: object + properties: + comment: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_NonEmptyString + created_at: + format: date-time + type: string + created_by: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_NonEmptyString + id: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_NonEmptyString + updated_at: + format: date-time + type: string + updated_by: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_NonEmptyString + required: + - id + - comment + - created_at + - created_by + Security_Solution_Endpoint_Exceptions_API_ExceptionListItemCommentArray: + items: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_ExceptionListItemComment + type: array + Security_Solution_Endpoint_Exceptions_API_ExceptionListItemDescription: + type: string + Security_Solution_Endpoint_Exceptions_API_ExceptionListItemEntry: + anyOf: + - $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_ExceptionListItemEntryMatch + - $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_ExceptionListItemEntryMatchAny + - $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_ExceptionListItemEntryList + - $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_ExceptionListItemEntryExists + - $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_ExceptionListItemEntryNested + - $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_ExceptionListItemEntryMatchWildcard + discriminator: + propertyName: type + Security_Solution_Endpoint_Exceptions_API_ExceptionListItemEntryArray: + items: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_ExceptionListItemEntry + type: array + Security_Solution_Endpoint_Exceptions_API_ExceptionListItemEntryExists: + type: object + properties: + field: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_NonEmptyString + operator: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_ExceptionListItemEntryOperator + type: + enum: + - exists + type: string + required: + - type + - field + - operator + Security_Solution_Endpoint_Exceptions_API_ExceptionListItemEntryList: + type: object + properties: + field: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_NonEmptyString + list: + type: object + properties: + id: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_ListId + type: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_ListType + required: + - id + - type + operator: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_ExceptionListItemEntryOperator + type: + enum: + - list + type: string + required: + - type + - field + - list + - operator + Security_Solution_Endpoint_Exceptions_API_ExceptionListItemEntryMatch: + type: object + properties: + field: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_NonEmptyString + operator: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_ExceptionListItemEntryOperator + type: + enum: + - match + type: string + value: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_NonEmptyString + required: + - type + - field + - value + - operator + Security_Solution_Endpoint_Exceptions_API_ExceptionListItemEntryMatchAny: + type: object + properties: + field: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_NonEmptyString + operator: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_ExceptionListItemEntryOperator + type: + enum: + - match_any + type: string + value: + items: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_NonEmptyString + minItems: 1 + type: array + required: + - type + - field + - value + - operator + Security_Solution_Endpoint_Exceptions_API_ExceptionListItemEntryMatchWildcard: + type: object + properties: + field: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_NonEmptyString + operator: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_ExceptionListItemEntryOperator + type: + enum: + - wildcard + type: string + value: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_NonEmptyString + required: + - type + - field + - value + - operator + Security_Solution_Endpoint_Exceptions_API_ExceptionListItemEntryNested: + type: object + properties: + entries: + items: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_ExceptionListItemEntryNestedEntryItem + minItems: 1 + type: array + field: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_NonEmptyString + type: + enum: + - nested + type: string + required: + - type + - field + - entries + Security_Solution_Endpoint_Exceptions_API_ExceptionListItemEntryNestedEntryItem: + oneOf: + - $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_ExceptionListItemEntryMatch + - $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_ExceptionListItemEntryMatchAny + - $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_ExceptionListItemEntryExists + Security_Solution_Endpoint_Exceptions_API_ExceptionListItemEntryOperator: + enum: + - excluded + - included + type: string + Security_Solution_Endpoint_Exceptions_API_ExceptionListItemHumanId: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_NonEmptyString + Security_Solution_Endpoint_Exceptions_API_ExceptionListItemId: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_NonEmptyString + Security_Solution_Endpoint_Exceptions_API_ExceptionListItemMeta: + additionalProperties: true + type: object + Security_Solution_Endpoint_Exceptions_API_ExceptionListItemName: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_NonEmptyString + Security_Solution_Endpoint_Exceptions_API_ExceptionListItemOsTypeArray: + items: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_ExceptionListOsType + type: array + Security_Solution_Endpoint_Exceptions_API_ExceptionListItemTags: + items: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_NonEmptyString + type: array + Security_Solution_Endpoint_Exceptions_API_ExceptionListItemType: + enum: + - simple + type: string + Security_Solution_Endpoint_Exceptions_API_ExceptionListMeta: + additionalProperties: true + type: object + Security_Solution_Endpoint_Exceptions_API_ExceptionListName: + type: string + Security_Solution_Endpoint_Exceptions_API_ExceptionListOsType: + enum: + - linux + - macos + - windows + type: string + Security_Solution_Endpoint_Exceptions_API_ExceptionListOsTypeArray: + items: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_ExceptionListOsType + type: array + Security_Solution_Endpoint_Exceptions_API_ExceptionListTags: + items: + type: string + type: array + Security_Solution_Endpoint_Exceptions_API_ExceptionListType: + enum: + - detection + - rule_default + - endpoint + - endpoint_trusted_apps + - endpoint_events + - endpoint_host_isolation_exceptions + - endpoint_blocklists + type: string + Security_Solution_Endpoint_Exceptions_API_ExceptionListVersion: + minimum: 1 + type: integer + Security_Solution_Endpoint_Exceptions_API_ExceptionNamespaceType: + description: > + Determines whether the exception container is available in all Kibana + spaces or just the space + + in which it is created, where: + + + - `single`: Only available in the Kibana space in which it is created. + + - `agnostic`: Available in all Kibana spaces. + enum: + - agnostic + - single + type: string + Security_Solution_Endpoint_Exceptions_API_FindEndpointListItemsFilter: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_NonEmptyString + Security_Solution_Endpoint_Exceptions_API_ListId: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_NonEmptyString + Security_Solution_Endpoint_Exceptions_API_ListType: + enum: + - binary + - boolean + - byte + - date + - date_nanos + - date_range + - double + - double_range + - float + - float_range + - geo_point + - geo_shape + - half_float + - integer + - integer_range + - ip + - ip_range + - keyword + - long + - long_range + - shape + - short + - text + type: string + Security_Solution_Endpoint_Exceptions_API_NonEmptyString: + description: A string that is not empty and does not contain only whitespace + minLength: 1 + pattern: ^(?! *$).+$ + type: string + Security_Solution_Endpoint_Exceptions_API_PlatformErrorResponse: + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: integer + required: + - statusCode + - error + - message + Security_Solution_Endpoint_Exceptions_API_SiemErrorResponse: + type: object + properties: + message: + type: string + status_code: + type: integer + required: + - status_code + - message + Security_Solution_Endpoint_Management_API_ActionLogRequestQuery: + type: object + properties: + end_date: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_EndDate + page: + $ref: '#/components/schemas/Security_Solution_Endpoint_Management_API_Page' + page_size: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_PageSize + start_date: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_StartDate + Security_Solution_Endpoint_Management_API_ActionStateSuccessResponse: + type: object + properties: + body: + type: object + properties: + data: + type: object + properties: + canEncrypt: + type: boolean + required: + - data + required: + - body + Security_Solution_Endpoint_Management_API_ActionStatusSuccessResponse: + type: object + properties: + body: + type: object + properties: + data: + type: object + properties: + agent_id: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_AgentId + pending_actions: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_PendingActionsSchema + required: + - agent_id + - pending_actions + required: + - data + required: + - body + Security_Solution_Endpoint_Management_API_AgentId: + description: Agent ID + type: string + Security_Solution_Endpoint_Management_API_AgentIds: + minLength: 1 + oneOf: + - items: + minLength: 1 + type: string + maxItems: 50 + minItems: 1 + type: array + - minLength: 1 + type: string + Security_Solution_Endpoint_Management_API_AgentTypes: + enum: + - endpoint + - sentinel_one + - crowdstrike + type: string + Security_Solution_Endpoint_Management_API_AlertIds: + description: A list of alerts ids. + items: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_NonEmptyString + minItems: 1 + type: array + Security_Solution_Endpoint_Management_API_CaseIds: + description: Case IDs to be updated (cannot contain empty strings) + items: + minLength: 1 + type: string + minItems: 1 + type: array + Security_Solution_Endpoint_Management_API_Command: + description: The command to be executed (cannot be an empty string) + enum: + - isolate + - unisolate + - kill-process + - suspend-process + - running-processes + - get-file + - execute + - upload + - scan + minLength: 1 + type: string + Security_Solution_Endpoint_Management_API_Commands: + items: + $ref: '#/components/schemas/Security_Solution_Endpoint_Management_API_Command' + type: array + Security_Solution_Endpoint_Management_API_Comment: + description: Optional comment + type: string + Security_Solution_Endpoint_Management_API_EndDate: + description: End date + type: string + Security_Solution_Endpoint_Management_API_EndpointIds: + description: List of endpoint IDs (cannot contain empty strings) + items: + minLength: 1 + type: string + minItems: 1 + type: array + Security_Solution_Endpoint_Management_API_EntityId: + type: object + properties: + entity_id: + minLength: 1 + type: string + Security_Solution_Endpoint_Management_API_ExecuteRouteRequestBody: + allOf: + - type: object + properties: + agent_type: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_AgentTypes + alert_ids: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_AlertIds + case_ids: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_CaseIds + comment: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_Comment + endpoint_ids: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_EndpointIds + parameters: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_Parameters + required: + - endpoint_ids + - type: object + properties: + parameters: + type: object + properties: + command: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_Command + timeout: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_Timeout + required: + - command + required: + - parameters + Security_Solution_Endpoint_Management_API_GetEndpointActionListRouteQuery: + type: object + properties: + agentIds: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_AgentIds + agentTypes: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_AgentTypes + commands: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_Commands + endDate: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_EndDate + page: + $ref: '#/components/schemas/Security_Solution_Endpoint_Management_API_Page' + pageSize: + default: 10 + description: Number of items per page + maximum: 10000 + minimum: 1 + type: integer + startDate: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_StartDate + types: + $ref: '#/components/schemas/Security_Solution_Endpoint_Management_API_Types' + userIds: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_UserIds + withOutputs: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_WithOutputs + Security_Solution_Endpoint_Management_API_GetFileRouteRequestBody: + allOf: + - type: object + properties: + agent_type: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_AgentTypes + alert_ids: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_AlertIds + case_ids: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_CaseIds + comment: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_Comment + endpoint_ids: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_EndpointIds + parameters: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_Parameters + required: + - endpoint_ids + - type: object + properties: + parameters: + type: object + properties: + path: + type: string + required: + - path + required: + - parameters + Security_Solution_Endpoint_Management_API_GetProcessesRouteRequestBody: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_NoParametersRequestSchema + Security_Solution_Endpoint_Management_API_IsolateRouteRequestBody: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_NoParametersRequestSchema + Security_Solution_Endpoint_Management_API_KillProcessRouteRequestBody: + allOf: + - type: object + properties: + agent_type: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_AgentTypes + alert_ids: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_AlertIds + case_ids: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_CaseIds + comment: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_Comment + endpoint_ids: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_EndpointIds + parameters: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_Parameters + required: + - endpoint_ids + - type: object + properties: + parameters: + oneOf: + - $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_Pid + - $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_EntityId + - type: object + properties: + process_name: + description: Valid for SentinelOne agent type only + minLength: 1 + type: string + required: + - parameters + Security_Solution_Endpoint_Management_API_ListRequestQuery: + type: object + properties: + hostStatuses: + items: + enum: + - healthy + - offline + - updating + - inactive + - unenrolled + type: string + type: array + kuery: + nullable: true + type: string + page: + default: 0 + description: Page number + minimum: 0 + type: integer + pageSize: + default: 10 + description: Number of items per page + maximum: 10000 + minimum: 1 + type: integer + sortDirection: + enum: + - asc + - desc + nullable: true + type: string + sortField: + enum: + - enrolled_at + - metadata.host.hostname + - host_status + - metadata.Endpoint.policy.applied.name + - metadata.Endpoint.policy.applied.status + - metadata.host.os.name + - metadata.host.ip + - metadata.agent.version + - last_checkin + type: string + required: + - hostStatuses + Security_Solution_Endpoint_Management_API_NonEmptyString: + description: A string that is not empty and does not contain only whitespace + minLength: 1 + pattern: ^(?! *$).+$ + type: string + Security_Solution_Endpoint_Management_API_NoParametersRequestSchema: + type: object + properties: + body: + type: object + properties: + agent_type: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_AgentTypes + alert_ids: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_AlertIds + case_ids: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_CaseIds + comment: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_Comment + endpoint_ids: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_EndpointIds + parameters: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_Parameters + required: + - endpoint_ids + required: + - body + Security_Solution_Endpoint_Management_API_Page: + default: 1 + description: Page number + minimum: 1 + type: integer + Security_Solution_Endpoint_Management_API_PageSize: + default: 10 + description: Number of items per page + maximum: 100 + minimum: 1 + type: integer + Security_Solution_Endpoint_Management_API_Parameters: + description: Optional parameters object + type: object + Security_Solution_Endpoint_Management_API_PendingActionDataType: + type: integer + Security_Solution_Endpoint_Management_API_PendingActionsSchema: + oneOf: + - type: object + properties: + execute: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_PendingActionDataType + get-file: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_PendingActionDataType + isolate: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_PendingActionDataType + kill-process: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_PendingActionDataType + running-processes: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_PendingActionDataType + scan: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_PendingActionDataType + suspend-process: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_PendingActionDataType + unisolate: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_PendingActionDataType + upload: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_PendingActionDataType + - additionalProperties: true + type: object + Security_Solution_Endpoint_Management_API_Pid: + type: object + properties: + pid: + minimum: 1 + type: integer + Security_Solution_Endpoint_Management_API_ProtectionUpdatesNoteResponse: + type: object + properties: + note: + type: string + Security_Solution_Endpoint_Management_API_ScanRouteRequestBody: + allOf: + - type: object + properties: + agent_type: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_AgentTypes + alert_ids: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_AlertIds + case_ids: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_CaseIds + comment: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_Comment + endpoint_ids: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_EndpointIds + parameters: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_Parameters + required: + - endpoint_ids + - type: object + properties: + parameters: + type: object + properties: + path: + type: string + required: + - path + required: + - parameters + Security_Solution_Endpoint_Management_API_StartDate: + description: Start date + type: string + Security_Solution_Endpoint_Management_API_SuccessResponse: + type: object + properties: {} + Security_Solution_Endpoint_Management_API_SuspendProcessRouteRequestBody: + allOf: + - type: object + properties: + agent_type: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_AgentTypes + alert_ids: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_AlertIds + case_ids: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_CaseIds + comment: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_Comment + endpoint_ids: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_EndpointIds + parameters: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_Parameters + required: + - endpoint_ids + - type: object + properties: + parameters: + oneOf: + - $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_Pid + - $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_EntityId + required: + - parameters + Security_Solution_Endpoint_Management_API_Timeout: + description: The maximum timeout value in milliseconds (optional) + minimum: 1 + type: integer + Security_Solution_Endpoint_Management_API_Type: + description: Type of response action + enum: + - automated + - manual + type: string + Security_Solution_Endpoint_Management_API_Types: + description: List of types of response actions + items: + $ref: '#/components/schemas/Security_Solution_Endpoint_Management_API_Type' + maxLength: 2 + minLength: 1 + type: array + Security_Solution_Endpoint_Management_API_UnisolateRouteRequestBody: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_NoParametersRequestSchema + Security_Solution_Endpoint_Management_API_UploadRouteRequestBody: + allOf: + - type: object + properties: + agent_type: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_AgentTypes + alert_ids: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_AlertIds + case_ids: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_CaseIds + comment: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_Comment + endpoint_ids: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_EndpointIds + parameters: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_Parameters + required: + - endpoint_ids + - type: object + properties: + file: + format: binary + type: string + parameters: + type: object + properties: + overwrite: + default: false + type: boolean + required: + - parameters + - file + Security_Solution_Endpoint_Management_API_UserIds: + description: User IDs + oneOf: + - items: + minLength: 1 + type: string + minItems: 1 + type: array + - minLength: 1 + type: string + Security_Solution_Endpoint_Management_API_WithOutputs: + description: Shows detailed outputs for an action response + oneOf: + - items: + minLength: 1 + type: string + minItems: 1 + type: array + - minLength: 1 + type: string + Security_Solution_Entity_Analytics_API_AssetCriticalityBulkUploadErrorItem: + type: object + properties: + index: + type: integer + message: + type: string + required: + - message + - index + Security_Solution_Entity_Analytics_API_AssetCriticalityBulkUploadStats: + type: object + properties: + failed: + type: integer + successful: + type: integer + total: + type: integer + required: + - successful + - failed + - total + Security_Solution_Entity_Analytics_API_AssetCriticalityLevel: + description: The criticality level of the asset. + enum: + - low_impact + - medium_impact + - high_impact + - extreme_impact + type: string + Security_Solution_Entity_Analytics_API_AssetCriticalityRecord: + allOf: + - $ref: >- + #/components/schemas/Security_Solution_Entity_Analytics_API_CreateAssetCriticalityRecord + - type: object + properties: + '@timestamp': + description: The time the record was created or updated. + example: '2017-07-21T17:32:28Z' + format: date-time + type: string + required: + - '@timestamp' + Security_Solution_Entity_Analytics_API_AssetCriticalityRecordIdParts: + type: object + properties: + id_field: + $ref: '#/components/schemas/Security_Solution_Entity_Analytics_API_IdField' + description: The field representing the ID. + example: host.name + id_value: + description: The ID value of the asset. + type: string + required: + - id_value + - id_field + Security_Solution_Entity_Analytics_API_CreateAssetCriticalityRecord: + allOf: + - $ref: >- + #/components/schemas/Security_Solution_Entity_Analytics_API_AssetCriticalityRecordIdParts + - type: object + properties: + criticality_level: + $ref: >- + #/components/schemas/Security_Solution_Entity_Analytics_API_AssetCriticalityLevel + required: + - criticality_level + Security_Solution_Entity_Analytics_API_EngineDescriptor: + type: object + properties: + filter: + type: string + indexPattern: + $ref: >- + #/components/schemas/Security_Solution_Entity_Analytics_API_IndexPattern + status: + $ref: >- + #/components/schemas/Security_Solution_Entity_Analytics_API_EngineStatus + type: + $ref: >- + #/components/schemas/Security_Solution_Entity_Analytics_API_EntityType + Security_Solution_Entity_Analytics_API_EngineStatus: + enum: + - installing + - started + - stopped + type: string + Security_Solution_Entity_Analytics_API_Entity: + oneOf: + - $ref: >- + #/components/schemas/Security_Solution_Entity_Analytics_API_UserEntity + - $ref: >- + #/components/schemas/Security_Solution_Entity_Analytics_API_HostEntity + Security_Solution_Entity_Analytics_API_EntityType: + enum: + - user + - host + type: string + Security_Solution_Entity_Analytics_API_HostEntity: + type: object + properties: + entity: + type: object + properties: + definitionId: + type: string + definitionVersion: + type: string + displayName: + type: string + firstSeenTimestamp: + format: date-time + type: string + id: + type: string + identityFields: + items: + type: string + type: array + lastSeenTimestamp: + format: date-time + type: string + schemaVersion: + type: string + type: + enum: + - node + type: string + required: + - lastSeenTimestamp + - schemaVersion + - definitionVersion + - displayName + - identityFields + - id + - type + - firstSeenTimestamp + - definitionId + host: + type: object + properties: + architecture: + items: + type: string + type: array + domain: + items: + type: string + type: array + hostname: + items: + type: string + type: array + id: + items: + type: string + type: array + ip: + items: + type: string + type: array + mac: + items: + type: string + type: array + name: + type: string + type: + items: + type: string + type: array + required: + - name + Security_Solution_Entity_Analytics_API_IdField: + enum: + - host.name + - user.name + type: string + Security_Solution_Entity_Analytics_API_IndexPattern: + type: string + Security_Solution_Entity_Analytics_API_InspectQuery: + type: object + properties: + dsl: + items: + type: string + type: array + response: + items: + type: string + type: array + required: + - dsl + - response + Security_Solution_Entity_Analytics_API_RiskEngineScheduleNowErrorResponse: + type: object + properties: + full_error: + type: string + message: + type: string + required: + - message + - full_error + Security_Solution_Entity_Analytics_API_RiskEngineScheduleNowResponse: + type: object + properties: + success: + type: boolean + Security_Solution_Entity_Analytics_API_TaskManagerUnavailableResponse: + description: Task manager is unavailable + type: object + properties: + message: + type: string + status_code: + minimum: 400 + type: integer + required: + - status_code + - message + Security_Solution_Entity_Analytics_API_UserEntity: + type: object + properties: + entity: + type: object + properties: + definitionId: + type: string + definitionVersion: + type: string + displayName: + type: string + firstSeenTimestamp: + format: date-time + type: string + id: + type: string + identityFields: + items: + type: string + type: array + lastSeenTimestamp: + format: date-time + type: string + schemaVersion: + type: string + type: + enum: + - node + type: string + required: + - lastSeenTimestamp + - schemaVersion + - definitionVersion + - displayName + - identityFields + - id + - type + - firstSeenTimestamp + - definitionId + user: + type: object + properties: + domain: + items: + type: string + type: array + email: + items: + type: string + type: array + full_name: + items: + type: string + type: array + hash: + items: + type: string + type: array + id: + items: + type: string + type: array + name: + type: string + roles: + items: + type: string + type: array + required: + - name + Security_Solution_Exceptions_API_CreateExceptionListItemComment: + type: object + properties: + comment: + $ref: '#/components/schemas/Security_Solution_Exceptions_API_NonEmptyString' + required: + - comment + Security_Solution_Exceptions_API_CreateExceptionListItemCommentArray: + items: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_CreateExceptionListItemComment + type: array + Security_Solution_Exceptions_API_CreateRuleExceptionListItemComment: + type: object + properties: + comment: + $ref: '#/components/schemas/Security_Solution_Exceptions_API_NonEmptyString' + required: + - comment + Security_Solution_Exceptions_API_CreateRuleExceptionListItemCommentArray: + items: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_CreateRuleExceptionListItemComment + type: array + Security_Solution_Exceptions_API_CreateRuleExceptionListItemProps: + type: object + properties: + comments: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_CreateRuleExceptionListItemCommentArray + default: [] + description: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListItemDescription + entries: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListItemEntryArray + expire_time: + format: date-time + type: string + item_id: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListItemHumanId + meta: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListItemMeta + name: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListItemName + namespace_type: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionNamespaceType + default: single + os_types: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListItemOsTypeArray + default: [] + tags: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListItemTags + default: [] + type: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListItemType + required: + - type + - name + - description + - entries + Security_Solution_Exceptions_API_ExceptionList: + type: object + properties: + _version: + type: string + created_at: + format: date-time + type: string + created_by: + type: string + description: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListDescription + id: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListId + immutable: + type: boolean + list_id: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListHumanId + meta: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListMeta + name: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListName + namespace_type: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionNamespaceType + os_types: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListOsTypeArray + tags: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListTags + tie_breaker_id: + type: string + type: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListType + updated_at: + format: date-time + type: string + updated_by: + type: string + version: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListVersion + required: + - id + - list_id + - type + - name + - description + - immutable + - namespace_type + - version + - tie_breaker_id + - created_at + - created_by + - updated_at + - updated_by + Security_Solution_Exceptions_API_ExceptionListDescription: + type: string + Security_Solution_Exceptions_API_ExceptionListHumanId: + $ref: '#/components/schemas/Security_Solution_Exceptions_API_NonEmptyString' + description: Human readable string identifier, e.g. `trusted-linux-processes` + Security_Solution_Exceptions_API_ExceptionListId: + $ref: '#/components/schemas/Security_Solution_Exceptions_API_NonEmptyString' + Security_Solution_Exceptions_API_ExceptionListItem: + type: object + properties: + _version: + type: string + comments: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListItemCommentArray + created_at: + format: date-time + type: string + created_by: + type: string + description: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListItemDescription + entries: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListItemEntryArray + expire_time: + format: date-time + type: string + id: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListItemId + item_id: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListItemHumanId + list_id: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListHumanId + meta: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListItemMeta + name: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListItemName + namespace_type: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionNamespaceType + os_types: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListItemOsTypeArray + tags: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListItemTags + tie_breaker_id: + type: string + type: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListItemType + updated_at: + format: date-time + type: string + updated_by: + type: string + required: + - id + - item_id + - list_id + - type + - name + - description + - entries + - namespace_type + - comments + - tie_breaker_id + - created_at + - created_by + - updated_at + - updated_by + Security_Solution_Exceptions_API_ExceptionListItemComment: + type: object + properties: + comment: + $ref: '#/components/schemas/Security_Solution_Exceptions_API_NonEmptyString' + created_at: + format: date-time + type: string + created_by: + $ref: '#/components/schemas/Security_Solution_Exceptions_API_NonEmptyString' + id: + $ref: '#/components/schemas/Security_Solution_Exceptions_API_NonEmptyString' + updated_at: + format: date-time + type: string + updated_by: + $ref: '#/components/schemas/Security_Solution_Exceptions_API_NonEmptyString' + required: + - id + - comment + - created_at + - created_by + Security_Solution_Exceptions_API_ExceptionListItemCommentArray: + items: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListItemComment + type: array + Security_Solution_Exceptions_API_ExceptionListItemDescription: + type: string + Security_Solution_Exceptions_API_ExceptionListItemEntry: + anyOf: + - $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListItemEntryMatch + - $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListItemEntryMatchAny + - $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListItemEntryList + - $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListItemEntryExists + - $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListItemEntryNested + - $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListItemEntryMatchWildcard + discriminator: + propertyName: type + Security_Solution_Exceptions_API_ExceptionListItemEntryArray: + items: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListItemEntry + type: array + Security_Solution_Exceptions_API_ExceptionListItemEntryExists: + type: object + properties: + field: + $ref: '#/components/schemas/Security_Solution_Exceptions_API_NonEmptyString' + operator: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListItemEntryOperator + type: + enum: + - exists + type: string + required: + - type + - field + - operator + Security_Solution_Exceptions_API_ExceptionListItemEntryList: + type: object + properties: + field: + $ref: '#/components/schemas/Security_Solution_Exceptions_API_NonEmptyString' + list: + type: object + properties: + id: + $ref: '#/components/schemas/Security_Solution_Exceptions_API_ListId' + type: + $ref: '#/components/schemas/Security_Solution_Exceptions_API_ListType' + required: + - id + - type + operator: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListItemEntryOperator + type: + enum: + - list + type: string + required: + - type + - field + - list + - operator + Security_Solution_Exceptions_API_ExceptionListItemEntryMatch: + type: object + properties: + field: + $ref: '#/components/schemas/Security_Solution_Exceptions_API_NonEmptyString' + operator: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListItemEntryOperator + type: + enum: + - match + type: string + value: + $ref: '#/components/schemas/Security_Solution_Exceptions_API_NonEmptyString' + required: + - type + - field + - value + - operator + Security_Solution_Exceptions_API_ExceptionListItemEntryMatchAny: + type: object + properties: + field: + $ref: '#/components/schemas/Security_Solution_Exceptions_API_NonEmptyString' + operator: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListItemEntryOperator + type: + enum: + - match_any + type: string + value: + items: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_NonEmptyString + minItems: 1 + type: array + required: + - type + - field + - value + - operator + Security_Solution_Exceptions_API_ExceptionListItemEntryMatchWildcard: + type: object + properties: + field: + $ref: '#/components/schemas/Security_Solution_Exceptions_API_NonEmptyString' + operator: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListItemEntryOperator + type: + enum: + - wildcard + type: string + value: + $ref: '#/components/schemas/Security_Solution_Exceptions_API_NonEmptyString' + required: + - type + - field + - value + - operator + Security_Solution_Exceptions_API_ExceptionListItemEntryNested: + type: object + properties: + entries: + items: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListItemEntryNestedEntryItem + minItems: 1 + type: array + field: + $ref: '#/components/schemas/Security_Solution_Exceptions_API_NonEmptyString' + type: + enum: + - nested + type: string + required: + - type + - field + - entries + Security_Solution_Exceptions_API_ExceptionListItemEntryNestedEntryItem: + oneOf: + - $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListItemEntryMatch + - $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListItemEntryMatchAny + - $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListItemEntryExists + Security_Solution_Exceptions_API_ExceptionListItemEntryOperator: + enum: + - excluded + - included + type: string + Security_Solution_Exceptions_API_ExceptionListItemHumanId: + $ref: '#/components/schemas/Security_Solution_Exceptions_API_NonEmptyString' + Security_Solution_Exceptions_API_ExceptionListItemId: + $ref: '#/components/schemas/Security_Solution_Exceptions_API_NonEmptyString' + Security_Solution_Exceptions_API_ExceptionListItemMeta: + additionalProperties: true + type: object + Security_Solution_Exceptions_API_ExceptionListItemName: + $ref: '#/components/schemas/Security_Solution_Exceptions_API_NonEmptyString' + Security_Solution_Exceptions_API_ExceptionListItemOsTypeArray: + items: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListOsType + type: array + Security_Solution_Exceptions_API_ExceptionListItemTags: + items: + $ref: '#/components/schemas/Security_Solution_Exceptions_API_NonEmptyString' + type: array + Security_Solution_Exceptions_API_ExceptionListItemType: + enum: + - simple + type: string + Security_Solution_Exceptions_API_ExceptionListMeta: + additionalProperties: true + type: object + Security_Solution_Exceptions_API_ExceptionListName: + type: string + Security_Solution_Exceptions_API_ExceptionListOsType: + enum: + - linux + - macos + - windows + type: string + Security_Solution_Exceptions_API_ExceptionListOsTypeArray: + items: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListOsType + type: array + Security_Solution_Exceptions_API_ExceptionListsImportBulkError: + type: object + properties: + error: + type: object + properties: + message: + type: string + status_code: + type: integer + required: + - status_code + - message + id: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListId + item_id: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListItemHumanId + list_id: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListHumanId + required: + - error + Security_Solution_Exceptions_API_ExceptionListsImportBulkErrorArray: + items: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListsImportBulkError + type: array + Security_Solution_Exceptions_API_ExceptionListTags: + items: + type: string + type: array + Security_Solution_Exceptions_API_ExceptionListType: + enum: + - detection + - rule_default + - endpoint + - endpoint_trusted_apps + - endpoint_events + - endpoint_host_isolation_exceptions + - endpoint_blocklists + type: string + Security_Solution_Exceptions_API_ExceptionListVersion: + minimum: 1 + type: integer + Security_Solution_Exceptions_API_ExceptionNamespaceType: + description: > + Determines whether the exception container is available in all Kibana + spaces or just the space + + in which it is created, where: + + + - `single`: Only available in the Kibana space in which it is created. + + - `agnostic`: Available in all Kibana spaces. + enum: + - agnostic + - single + type: string + Security_Solution_Exceptions_API_FindExceptionListItemsFilter: + $ref: '#/components/schemas/Security_Solution_Exceptions_API_NonEmptyString' + Security_Solution_Exceptions_API_FindExceptionListsFilter: + type: string + Security_Solution_Exceptions_API_ListId: + $ref: '#/components/schemas/Security_Solution_Exceptions_API_NonEmptyString' + Security_Solution_Exceptions_API_ListType: + enum: + - binary + - boolean + - byte + - date + - date_nanos + - date_range + - double + - double_range + - float + - float_range + - geo_point + - geo_shape + - half_float + - integer + - integer_range + - ip + - ip_range + - keyword + - long + - long_range + - shape + - short + - text + type: string + Security_Solution_Exceptions_API_NonEmptyString: + description: A string that is not empty and does not contain only whitespace + minLength: 1 + pattern: ^(?! *$).+$ + type: string + Security_Solution_Exceptions_API_PlatformErrorResponse: + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: integer + required: + - statusCode + - error + - message + Security_Solution_Exceptions_API_RuleId: + $ref: '#/components/schemas/Security_Solution_Exceptions_API_UUID' + Security_Solution_Exceptions_API_SiemErrorResponse: + type: object + properties: + message: + type: string + status_code: + type: integer + required: + - status_code + - message + Security_Solution_Exceptions_API_UpdateExceptionListItemComment: + type: object + properties: + comment: + $ref: '#/components/schemas/Security_Solution_Exceptions_API_NonEmptyString' + id: + $ref: '#/components/schemas/Security_Solution_Exceptions_API_NonEmptyString' + required: + - comment + Security_Solution_Exceptions_API_UpdateExceptionListItemCommentArray: + items: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_UpdateExceptionListItemComment + type: array + Security_Solution_Exceptions_API_UUID: + description: A universally unique identifier + format: uuid + type: string + Security_Solution_Lists_API_FindListItemsCursor: + $ref: '#/components/schemas/Security_Solution_Lists_API_NonEmptyString' + Security_Solution_Lists_API_FindListItemsFilter: + type: string + Security_Solution_Lists_API_FindListsCursor: + $ref: '#/components/schemas/Security_Solution_Lists_API_NonEmptyString' + Security_Solution_Lists_API_FindListsFilter: + type: string + Security_Solution_Lists_API_List: + type: object + properties: + _version: + type: string + '@timestamp': + format: date-time + type: string + created_at: + format: date-time + type: string + created_by: + type: string + description: + $ref: '#/components/schemas/Security_Solution_Lists_API_ListDescription' + deserializer: + type: string + id: + $ref: '#/components/schemas/Security_Solution_Lists_API_ListId' + immutable: + type: boolean + meta: + $ref: '#/components/schemas/Security_Solution_Lists_API_ListMetadata' + name: + $ref: '#/components/schemas/Security_Solution_Lists_API_ListName' + serializer: + type: string + tie_breaker_id: + type: string + type: + $ref: '#/components/schemas/Security_Solution_Lists_API_ListType' + updated_at: + format: date-time + type: string + updated_by: + type: string + version: + minimum: 1 + type: integer + required: + - id + - type + - name + - description + - immutable + - version + - tie_breaker_id + - created_at + - created_by + - updated_at + - updated_by + Security_Solution_Lists_API_ListDescription: + $ref: '#/components/schemas/Security_Solution_Lists_API_NonEmptyString' + Security_Solution_Lists_API_ListId: + $ref: '#/components/schemas/Security_Solution_Lists_API_NonEmptyString' + Security_Solution_Lists_API_ListItem: + type: object + properties: + _version: + type: string + '@timestamp': + format: date-time + type: string + created_at: + format: date-time + type: string + created_by: + type: string + deserializer: + type: string + id: + $ref: '#/components/schemas/Security_Solution_Lists_API_ListItemId' + list_id: + $ref: '#/components/schemas/Security_Solution_Lists_API_ListId' + meta: + $ref: '#/components/schemas/Security_Solution_Lists_API_ListItemMetadata' + serializer: + type: string + tie_breaker_id: + type: string + type: + $ref: '#/components/schemas/Security_Solution_Lists_API_ListType' + updated_at: + format: date-time + type: string + updated_by: + type: string + value: + $ref: '#/components/schemas/Security_Solution_Lists_API_ListItemValue' + required: + - id + - type + - list_id + - value + - tie_breaker_id + - created_at + - created_by + - updated_at + - updated_by + Security_Solution_Lists_API_ListItemId: + $ref: '#/components/schemas/Security_Solution_Lists_API_NonEmptyString' + Security_Solution_Lists_API_ListItemMetadata: + additionalProperties: true + type: object + Security_Solution_Lists_API_ListItemPrivileges: + type: object + properties: + application: + additionalProperties: + type: boolean + type: object + cluster: + additionalProperties: + type: boolean + type: object + has_all_requested: + type: boolean + index: + additionalProperties: + additionalProperties: + type: boolean + type: object + type: object + username: + type: string + required: + - username + - has_all_requested + - cluster + - index + - application + Security_Solution_Lists_API_ListItemValue: + $ref: '#/components/schemas/Security_Solution_Lists_API_NonEmptyString' + Security_Solution_Lists_API_ListMetadata: + additionalProperties: true + type: object + Security_Solution_Lists_API_ListName: + $ref: '#/components/schemas/Security_Solution_Lists_API_NonEmptyString' + Security_Solution_Lists_API_ListPrivileges: + type: object + properties: + application: + additionalProperties: + type: boolean + type: object + cluster: + additionalProperties: + type: boolean + type: object + has_all_requested: + type: boolean + index: + additionalProperties: + additionalProperties: + type: boolean + type: object + type: object + username: + type: string + required: + - username + - has_all_requested + - cluster + - index + - application + Security_Solution_Lists_API_ListType: + enum: + - binary + - boolean + - byte + - date + - date_nanos + - date_range + - double + - double_range + - float + - float_range + - geo_point + - geo_shape + - half_float + - integer + - integer_range + - ip + - ip_range + - keyword + - long + - long_range + - shape + - short + - text + type: string + Security_Solution_Lists_API_NonEmptyString: + description: A string that is not empty and does not contain only whitespace + minLength: 1 + pattern: ^(?! *$).+$ + type: string + Security_Solution_Lists_API_PlatformErrorResponse: + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: integer + required: + - statusCode + - error + - message + Security_Solution_Lists_API_SiemErrorResponse: + type: object + properties: + message: + type: string + status_code: + type: integer + required: + - status_code + - message + Security_Solution_Osquery_API_ArrayQueries: + items: + $ref: '#/components/schemas/Security_Solution_Osquery_API_ArrayQueriesItem' + type: array + Security_Solution_Osquery_API_ArrayQueriesItem: + type: object + properties: + ecs_mapping: + $ref: >- + #/components/schemas/Security_Solution_Osquery_API_ECSMappingOrUndefined + id: + $ref: '#/components/schemas/Security_Solution_Osquery_API_Id' + platform: + $ref: >- + #/components/schemas/Security_Solution_Osquery_API_PlatformOrUndefined + query: + $ref: '#/components/schemas/Security_Solution_Osquery_API_Query' + removed: + $ref: >- + #/components/schemas/Security_Solution_Osquery_API_RemovedOrUndefined + snapshot: + $ref: >- + #/components/schemas/Security_Solution_Osquery_API_SnapshotOrUndefined + version: + $ref: >- + #/components/schemas/Security_Solution_Osquery_API_VersionOrUndefined + Security_Solution_Osquery_API_CreateLiveQueryRequestBody: + type: object + properties: + agent_all: + type: boolean + agent_ids: + items: + type: string + type: array + agent_platforms: + items: + type: string + type: array + agent_policy_ids: + items: + type: string + type: array + alert_ids: + items: + type: string + type: array + case_ids: + items: + type: string + type: array + ecs_mapping: + $ref: >- + #/components/schemas/Security_Solution_Osquery_API_ECSMappingOrUndefined + event_ids: + items: + type: string + type: array + metadata: + nullable: true + type: object + pack_id: + $ref: '#/components/schemas/Security_Solution_Osquery_API_PackIdOrUndefined' + queries: + $ref: '#/components/schemas/Security_Solution_Osquery_API_ArrayQueries' + query: + $ref: '#/components/schemas/Security_Solution_Osquery_API_QueryOrUndefined' + saved_query_id: + $ref: >- + #/components/schemas/Security_Solution_Osquery_API_SavedQueryIdOrUndefined + Security_Solution_Osquery_API_CreatePacksRequestBody: + type: object + properties: + description: + $ref: >- + #/components/schemas/Security_Solution_Osquery_API_DescriptionOrUndefined + enabled: + $ref: >- + #/components/schemas/Security_Solution_Osquery_API_EnabledOrUndefined + name: + $ref: '#/components/schemas/Security_Solution_Osquery_API_PackName' + policy_ids: + $ref: >- + #/components/schemas/Security_Solution_Osquery_API_PolicyIdsOrUndefined + queries: + $ref: '#/components/schemas/Security_Solution_Osquery_API_ObjectQueries' + shards: + $ref: '#/components/schemas/Security_Solution_Osquery_API_Shards' + Security_Solution_Osquery_API_CreateSavedQueryRequestBody: + type: object + properties: + description: + $ref: >- + #/components/schemas/Security_Solution_Osquery_API_DescriptionOrUndefined + ecs_mapping: + $ref: >- + #/components/schemas/Security_Solution_Osquery_API_ECSMappingOrUndefined + id: + $ref: '#/components/schemas/Security_Solution_Osquery_API_SavedQueryId' + interval: + $ref: '#/components/schemas/Security_Solution_Osquery_API_Interval' + platform: + $ref: >- + #/components/schemas/Security_Solution_Osquery_API_DescriptionOrUndefined + query: + $ref: '#/components/schemas/Security_Solution_Osquery_API_QueryOrUndefined' + removed: + $ref: >- + #/components/schemas/Security_Solution_Osquery_API_RemovedOrUndefined + snapshot: + $ref: >- + #/components/schemas/Security_Solution_Osquery_API_SnapshotOrUndefined + version: + $ref: >- + #/components/schemas/Security_Solution_Osquery_API_VersionOrUndefined + Security_Solution_Osquery_API_DefaultSuccessResponse: + type: object + properties: {} + Security_Solution_Osquery_API_Description: + type: string + Security_Solution_Osquery_API_DescriptionOrUndefined: + $ref: '#/components/schemas/Security_Solution_Osquery_API_Description' + nullable: true + Security_Solution_Osquery_API_ECSMapping: + additionalProperties: + $ref: '#/components/schemas/Security_Solution_Osquery_API_ECSMappingItem' + type: object + Security_Solution_Osquery_API_ECSMappingItem: + type: object + properties: + field: + type: string + value: + oneOf: + - type: string + - items: + type: string + type: array + Security_Solution_Osquery_API_ECSMappingOrUndefined: + $ref: '#/components/schemas/Security_Solution_Osquery_API_ECSMapping' + nullable: true + Security_Solution_Osquery_API_Enabled: + type: boolean + Security_Solution_Osquery_API_EnabledOrUndefined: + $ref: '#/components/schemas/Security_Solution_Osquery_API_Enabled' + nullable: true + Security_Solution_Osquery_API_FindLiveQueryRequestQuery: + type: object + properties: + kuery: + $ref: '#/components/schemas/Security_Solution_Osquery_API_KueryOrUndefined' + page: + $ref: '#/components/schemas/Security_Solution_Osquery_API_PageOrUndefined' + pageSize: + $ref: >- + #/components/schemas/Security_Solution_Osquery_API_PageSizeOrUndefined + sort: + $ref: '#/components/schemas/Security_Solution_Osquery_API_SortOrUndefined' + sortOrder: + $ref: >- + #/components/schemas/Security_Solution_Osquery_API_SortOrderOrUndefined + Security_Solution_Osquery_API_FindPacksRequestQuery: + type: object + properties: + page: + $ref: '#/components/schemas/Security_Solution_Osquery_API_PageOrUndefined' + pageSize: + $ref: >- + #/components/schemas/Security_Solution_Osquery_API_PageSizeOrUndefined + sort: + $ref: '#/components/schemas/Security_Solution_Osquery_API_SortOrUndefined' + sortOrder: + $ref: >- + #/components/schemas/Security_Solution_Osquery_API_SortOrderOrUndefined + Security_Solution_Osquery_API_FindSavedQueryRequestQuery: + type: object + properties: + page: + $ref: '#/components/schemas/Security_Solution_Osquery_API_PageOrUndefined' + pageSize: + $ref: >- + #/components/schemas/Security_Solution_Osquery_API_PageSizeOrUndefined + sort: + $ref: '#/components/schemas/Security_Solution_Osquery_API_SortOrUndefined' + sortOrder: + $ref: >- + #/components/schemas/Security_Solution_Osquery_API_SortOrderOrUndefined + Security_Solution_Osquery_API_GetLiveQueryResultsRequestQuery: + type: object + properties: + kuery: + $ref: '#/components/schemas/Security_Solution_Osquery_API_KueryOrUndefined' + page: + $ref: '#/components/schemas/Security_Solution_Osquery_API_PageOrUndefined' + pageSize: + $ref: >- + #/components/schemas/Security_Solution_Osquery_API_PageSizeOrUndefined + sort: + $ref: '#/components/schemas/Security_Solution_Osquery_API_SortOrUndefined' + sortOrder: + $ref: >- + #/components/schemas/Security_Solution_Osquery_API_SortOrderOrUndefined + Security_Solution_Osquery_API_Id: + type: string + Security_Solution_Osquery_API_Interval: + type: string + Security_Solution_Osquery_API_IntervalOrUndefined: + $ref: '#/components/schemas/Security_Solution_Osquery_API_Interval' + nullable: true + Security_Solution_Osquery_API_KueryOrUndefined: + nullable: true + type: string + Security_Solution_Osquery_API_ObjectQueries: + additionalProperties: + $ref: '#/components/schemas/Security_Solution_Osquery_API_ObjectQueriesItem' + type: object + Security_Solution_Osquery_API_ObjectQueriesItem: + type: object + properties: + ecs_mapping: + $ref: >- + #/components/schemas/Security_Solution_Osquery_API_ECSMappingOrUndefined + id: + $ref: '#/components/schemas/Security_Solution_Osquery_API_Id' + platform: + $ref: >- + #/components/schemas/Security_Solution_Osquery_API_PlatformOrUndefined + query: + $ref: '#/components/schemas/Security_Solution_Osquery_API_Query' + removed: + $ref: >- + #/components/schemas/Security_Solution_Osquery_API_RemovedOrUndefined + saved_query_id: + $ref: >- + #/components/schemas/Security_Solution_Osquery_API_SavedQueryIdOrUndefined + snapshot: + $ref: >- + #/components/schemas/Security_Solution_Osquery_API_SnapshotOrUndefined + version: + $ref: >- + #/components/schemas/Security_Solution_Osquery_API_VersionOrUndefined + Security_Solution_Osquery_API_PackId: + type: string + Security_Solution_Osquery_API_PackIdOrUndefined: + $ref: '#/components/schemas/Security_Solution_Osquery_API_PackId' + nullable: true + Security_Solution_Osquery_API_PackName: + type: string + Security_Solution_Osquery_API_PageOrUndefined: + nullable: true + type: integer + Security_Solution_Osquery_API_PageSizeOrUndefined: + nullable: true + type: integer + Security_Solution_Osquery_API_Platform: + type: string + Security_Solution_Osquery_API_PlatformOrUndefined: + $ref: '#/components/schemas/Security_Solution_Osquery_API_Platform' + nullable: true + Security_Solution_Osquery_API_PolicyIds: + items: + type: string + type: array + Security_Solution_Osquery_API_PolicyIdsOrUndefined: + $ref: '#/components/schemas/Security_Solution_Osquery_API_PolicyIds' + nullable: true + Security_Solution_Osquery_API_Query: + type: string + Security_Solution_Osquery_API_QueryOrUndefined: + $ref: '#/components/schemas/Security_Solution_Osquery_API_Query' + nullable: true + Security_Solution_Osquery_API_Removed: + type: boolean + Security_Solution_Osquery_API_RemovedOrUndefined: + $ref: '#/components/schemas/Security_Solution_Osquery_API_Removed' + nullable: true + Security_Solution_Osquery_API_SavedQueryId: + type: string + Security_Solution_Osquery_API_SavedQueryIdOrUndefined: + $ref: '#/components/schemas/Security_Solution_Osquery_API_SavedQueryId' + nullable: true + Security_Solution_Osquery_API_Shards: + additionalProperties: + type: number + type: object + Security_Solution_Osquery_API_Snapshot: + type: boolean + Security_Solution_Osquery_API_SnapshotOrUndefined: + $ref: '#/components/schemas/Security_Solution_Osquery_API_Snapshot' + nullable: true + Security_Solution_Osquery_API_SortOrderOrUndefined: + oneOf: + - nullable: true + type: string + - enum: + - asc + - desc + Security_Solution_Osquery_API_SortOrUndefined: + nullable: true + type: string + Security_Solution_Osquery_API_UpdatePacksRequestBody: + type: object + properties: + description: + $ref: >- + #/components/schemas/Security_Solution_Osquery_API_DescriptionOrUndefined + enabled: + $ref: >- + #/components/schemas/Security_Solution_Osquery_API_EnabledOrUndefined + id: + $ref: '#/components/schemas/Security_Solution_Osquery_API_PackId' + policy_ids: + $ref: >- + #/components/schemas/Security_Solution_Osquery_API_PolicyIdsOrUndefined + queries: + $ref: '#/components/schemas/Security_Solution_Osquery_API_ObjectQueries' + shards: + $ref: '#/components/schemas/Security_Solution_Osquery_API_Shards' + Security_Solution_Osquery_API_UpdateSavedQueryRequestBody: + type: object + properties: + description: + $ref: >- + #/components/schemas/Security_Solution_Osquery_API_DescriptionOrUndefined + ecs_mapping: + $ref: >- + #/components/schemas/Security_Solution_Osquery_API_ECSMappingOrUndefined + id: + $ref: '#/components/schemas/Security_Solution_Osquery_API_SavedQueryId' + interval: + $ref: >- + #/components/schemas/Security_Solution_Osquery_API_IntervalOrUndefined + platform: + $ref: >- + #/components/schemas/Security_Solution_Osquery_API_DescriptionOrUndefined + query: + $ref: '#/components/schemas/Security_Solution_Osquery_API_QueryOrUndefined' + removed: + $ref: >- + #/components/schemas/Security_Solution_Osquery_API_RemovedOrUndefined + snapshot: + $ref: >- + #/components/schemas/Security_Solution_Osquery_API_SnapshotOrUndefined + version: + $ref: >- + #/components/schemas/Security_Solution_Osquery_API_VersionOrUndefined + Security_Solution_Osquery_API_Version: + type: string + Security_Solution_Osquery_API_VersionOrUndefined: + $ref: '#/components/schemas/Security_Solution_Osquery_API_Version' + nullable: true + Security_Solution_Timeline_API_BareNote: + type: object + properties: + created: + nullable: true + type: number + createdBy: + nullable: true + type: string + eventId: + nullable: true + type: string + note: + nullable: true + type: string + timelineId: + nullable: true + type: string + updated: + nullable: true + type: number + updatedBy: + nullable: true + type: string + required: + - timelineId + Security_Solution_Timeline_API_ColumnHeaderResult: + type: object + properties: + aggregatable: + type: boolean + category: + type: string + columnHeaderType: + type: string + description: + type: string + example: + oneOf: + - type: string + - type: number + id: + type: string + indexes: + items: + type: string + type: array + name: + type: string + placeholder: + type: string + searchable: + type: boolean + type: + type: string + Security_Solution_Timeline_API_DataProviderQueryMatch: + type: object + properties: + enabled: + nullable: true + type: boolean + excluded: + nullable: true + type: boolean + id: + nullable: true + type: string + kqlQuery: + nullable: true + type: string + name: + nullable: true + type: string + queryMatch: + $ref: '#/components/schemas/Security_Solution_Timeline_API_QueryMatchResult' + Security_Solution_Timeline_API_DataProviderResult: + type: object + properties: + and: + items: + $ref: >- + #/components/schemas/Security_Solution_Timeline_API_DataProviderQueryMatch + nullable: true + type: array + enabled: + nullable: true + type: boolean + excluded: + nullable: true + type: boolean + id: + nullable: true + type: string + kqlQuery: + nullable: true + type: string + name: + nullable: true + type: string + queryMatch: + $ref: '#/components/schemas/Security_Solution_Timeline_API_QueryMatchResult' + nullable: true + type: + $ref: '#/components/schemas/Security_Solution_Timeline_API_DataProviderType' + nullable: true + Security_Solution_Timeline_API_DataProviderType: + description: >- + The type of data provider to create. Valid values are `default` and + `template`. + enum: + - default + - template + type: string + Security_Solution_Timeline_API_DocumentIds: + oneOf: + - items: + type: string + type: array + - type: string + Security_Solution_Timeline_API_FavoriteTimelineResponse: + type: object + properties: + code: + nullable: true + type: number + favorite: + items: + $ref: >- + #/components/schemas/Security_Solution_Timeline_API_FavoriteTimelineResult + type: array + message: + nullable: true + type: string + savedObjectId: + type: string + templateTimelineId: + nullable: true + type: string + templateTimelineVersion: + nullable: true + type: number + timelineType: + $ref: '#/components/schemas/Security_Solution_Timeline_API_TimelineType' + version: + type: string + required: + - savedObjectId + - version + Security_Solution_Timeline_API_FavoriteTimelineResult: + type: object + properties: + favoriteDate: + nullable: true + type: number + fullName: + nullable: true + type: string + userName: + nullable: true + type: string + Security_Solution_Timeline_API_FilterTimelineResult: + type: object + properties: + exists: + type: boolean + match_all: + type: string + meta: + type: object + properties: + alias: + type: string + controlledBy: + type: string + disabled: + type: boolean + field: + type: string + formattedValue: + type: string + index: + type: string + key: + type: string + negate: + type: boolean + params: + type: string + type: + type: string + value: + type: string + missing: + type: string + query: + type: string + range: + type: string + script: + type: string + Security_Solution_Timeline_API_ImportTimelineResult: + type: object + properties: + errors: + items: + type: object + properties: + error: + type: object + properties: + message: + type: string + status_code: + type: number + id: + type: string + type: array + success: + type: boolean + success_count: + type: number + timelines_installed: + type: number + timelines_updated: + type: number + Security_Solution_Timeline_API_ImportTimelines: + allOf: + - $ref: '#/components/schemas/Security_Solution_Timeline_API_SavedTimeline' + - type: object + properties: + eventNotes: + items: + $ref: '#/components/schemas/Security_Solution_Timeline_API_BareNote' + nullable: true + type: array + globalNotes: + items: + $ref: '#/components/schemas/Security_Solution_Timeline_API_BareNote' + nullable: true + type: array + pinnedEventIds: + items: + type: string + nullable: true + type: array + savedObjectId: + nullable: true + type: string + version: + nullable: true + type: string + Security_Solution_Timeline_API_Note: + allOf: + - $ref: '#/components/schemas/Security_Solution_Timeline_API_BareNote' + - type: object + properties: + noteId: + type: string + version: + type: string + Security_Solution_Timeline_API_PinnedEvent: + type: object + properties: + created: + nullable: true + type: number + createdBy: + nullable: true + type: string + eventId: + type: string + pinnedEventId: + type: string + timelineId: + type: string + updated: + nullable: true + type: number + updatedBy: + nullable: true + type: string + version: + type: string + required: + - eventId + - pinnedEventId + - timelineId + - version + Security_Solution_Timeline_API_QueryMatchResult: + type: object + properties: + displayField: + nullable: true + type: string + displayValue: + nullable: true + type: string + field: + nullable: true + type: string + operator: + nullable: true + type: string + value: + nullable: true + type: string + Security_Solution_Timeline_API_Readable: + type: object + properties: + _data: + additionalProperties: true + type: object + _encoding: + type: string + _events: + additionalProperties: true + type: object + _eventsCount: + type: number + _maxListeners: + additionalProperties: true + type: object + _position: + type: number + _read: + additionalProperties: true + type: object + _readableState: + additionalProperties: true + type: object + readable: + type: boolean + Security_Solution_Timeline_API_RowRendererId: + enum: + - alert + - alerts + - auditd + - auditd_file + - library + - netflow + - plain + - registry + - suricata + - system + - system_dns + - system_endgame_process + - system_file + - system_fim + - system_security_event + - system_socket + - threat_match + - zeek + type: string + Security_Solution_Timeline_API_SavedTimeline: + type: object + properties: + columns: + items: + $ref: >- + #/components/schemas/Security_Solution_Timeline_API_ColumnHeaderResult + nullable: true + type: array + created: + nullable: true + type: number + createdBy: + nullable: true + type: string + dataProviders: + items: + $ref: >- + #/components/schemas/Security_Solution_Timeline_API_DataProviderResult + nullable: true + type: array + dataViewId: + nullable: true + type: string + dateRange: + nullable: true + type: object + properties: + end: + oneOf: + - type: string + - type: number + start: + oneOf: + - type: string + - type: number + description: + nullable: true + type: string + eqlOptions: + nullable: true + type: object + properties: + eventCategoryField: + nullable: true + type: string + query: + nullable: true + type: string + size: + oneOf: + - nullable: true + type: string + - nullable: true + type: number + tiebreakerField: + nullable: true + type: string + timestampField: + nullable: true + type: string + eventType: + nullable: true + type: string + excludedRowRendererIds: + items: + $ref: '#/components/schemas/Security_Solution_Timeline_API_RowRendererId' + nullable: true + type: array + favorite: + items: + $ref: >- + #/components/schemas/Security_Solution_Timeline_API_FavoriteTimelineResult + nullable: true + type: array + filters: + items: + $ref: >- + #/components/schemas/Security_Solution_Timeline_API_FilterTimelineResult + nullable: true + type: array + indexNames: + items: + type: string + nullable: true + type: array + kqlMode: + nullable: true + type: string + kqlQuery: + $ref: >- + #/components/schemas/Security_Solution_Timeline_API_SerializedFilterQueryResult + nullable: true + savedQueryId: + nullable: true + type: string + savedSearchId: + nullable: true + type: string + sort: + $ref: '#/components/schemas/Security_Solution_Timeline_API_Sort' + nullable: true + status: + enum: + - active + - draft + - immutable + nullable: true + type: string + templateTimelineId: + nullable: true + type: string + templateTimelineVersion: + nullable: true + type: number + timelineType: + $ref: '#/components/schemas/Security_Solution_Timeline_API_TimelineType' + nullable: true + title: + nullable: true + type: string + updated: + nullable: true + type: number + updatedBy: + nullable: true + type: string + Security_Solution_Timeline_API_SerializedFilterQueryResult: + type: object + properties: + filterQuery: + nullable: true + type: object + properties: + kuery: + nullable: true + type: object + properties: + expression: + nullable: true + type: string + kind: + nullable: true + type: string + serializedQuery: + nullable: true + type: string + Security_Solution_Timeline_API_Sort: + oneOf: + - $ref: '#/components/schemas/Security_Solution_Timeline_API_SortObject' + - items: + $ref: '#/components/schemas/Security_Solution_Timeline_API_SortObject' + type: array + Security_Solution_Timeline_API_SortFieldTimeline: + description: The field to sort the timelines by. + enum: + - title + - description + - updated + - created + type: string + Security_Solution_Timeline_API_SortObject: + type: object + properties: + columnId: + nullable: true + type: string + columnType: + nullable: true + type: string + sortDirection: + nullable: true + type: string + Security_Solution_Timeline_API_TimelineResponse: + allOf: + - $ref: '#/components/schemas/Security_Solution_Timeline_API_SavedTimeline' + - type: object + properties: + eventIdToNoteIds: + items: + $ref: '#/components/schemas/Security_Solution_Timeline_API_Note' + type: array + noteIds: + items: + type: string + type: array + notes: + items: + $ref: '#/components/schemas/Security_Solution_Timeline_API_Note' + type: array + pinnedEventIds: + items: + type: string + type: array + pinnedEventsSaveObject: + items: + $ref: >- + #/components/schemas/Security_Solution_Timeline_API_PinnedEvent + type: array + savedObjectId: + type: string + version: + type: string + required: + - savedObjectId + - version + Security_Solution_Timeline_API_TimelineStatus: + description: >- + The status of the timeline. Valid values are `active`, `draft`, and + `immutable`. + enum: + - active + - draft + - immutable + type: string + Security_Solution_Timeline_API_TimelineType: + description: >- + The type of timeline to create. Valid values are `default` and + `template`. + enum: + - default + - template + type: string + Serverless_saved_objects_400_response: + title: Bad request + type: object + properties: + error: + enum: + - Bad Request + type: string + message: + type: string + statusCode: + enum: + - 400 + type: integer + required: + - error + - message + - statusCode + SLOs_400_response: + title: Bad request + type: object + properties: + error: + example: Bad Request + type: string + message: + example: 'Invalid value ''foo'' supplied to: [...]' + type: string + statusCode: + example: 400 + type: number + required: + - statusCode + - error + - message + SLOs_401_response: + title: Unauthorized + type: object + properties: + error: + example: Unauthorized + type: string + message: + example: "[security_exception\n\tRoot causes:\n\t\tsecurity_exception: unable to authenticate user [elastics] for REST request [/_security/_authenticate]]: unable to authenticate user [elastics] for REST request [/_security/_authenticate]" + type: string + statusCode: + example: 401 + type: number + required: + - statusCode + - error + - message + SLOs_403_response: + title: Unauthorized + type: object + properties: + error: + example: Unauthorized + type: string + message: + example: "[security_exception\n\tRoot causes:\n\t\tsecurity_exception: unable to authenticate user [elastics] for REST request [/_security/_authenticate]]: unable to authenticate user [elastics] for REST request [/_security/_authenticate]" + type: string + statusCode: + example: 403 + type: number + required: + - statusCode + - error + - message + SLOs_404_response: + title: Not found + type: object + properties: + error: + example: Not Found + type: string + message: + example: SLO [3749f390-03a3-11ee-8139-c7ff60a1692d] not found + type: string + statusCode: + example: 404 + type: number + required: + - statusCode + - error + - message + SLOs_409_response: + title: Conflict + type: object + properties: + error: + example: Conflict + type: string + message: + example: SLO [d077e940-1515-11ee-9c50-9d096392f520] already exists + type: string + statusCode: + example: 409 + type: number + required: + - statusCode + - error + - message + SLOs_budgeting_method: + description: The budgeting method to use when computing the rollup data. + enum: + - occurrences + - timeslices + example: occurrences + title: Budgeting method + type: string + SLOs_create_slo_request: + description: > + The create SLO API request body varies depending on the type of + indicator, time window and budgeting method. + properties: + budgetingMethod: + $ref: '#/components/schemas/SLOs_budgeting_method' + description: + description: A description for the SLO. + type: string + groupBy: + description: optional group by field to use to generate an SLO per distinct value + example: some.field + type: string + id: + description: >- + A optional and unique identifier for the SLO. Must be between 8 and + 36 chars + example: my-super-slo-id + type: string + indicator: + oneOf: + - $ref: '#/components/schemas/SLOs_indicator_properties_custom_kql' + - $ref: '#/components/schemas/SLOs_indicator_properties_apm_availability' + - $ref: '#/components/schemas/SLOs_indicator_properties_apm_latency' + - $ref: '#/components/schemas/SLOs_indicator_properties_custom_metric' + - $ref: '#/components/schemas/SLOs_indicator_properties_histogram' + - $ref: '#/components/schemas/SLOs_indicator_properties_timeslice_metric' + name: + description: A name for the SLO. + type: string + objective: + $ref: '#/components/schemas/SLOs_objective' + settings: + $ref: '#/components/schemas/SLOs_settings' + tags: + description: List of tags + items: + type: string + type: array + timeWindow: + $ref: '#/components/schemas/SLOs_time_window' + required: + - name + - description + - indicator + - timeWindow + - budgetingMethod + - objective + title: Create SLO request + type: object + SLOs_create_slo_response: + title: Create SLO response + type: object + properties: + id: + example: 8853df00-ae2e-11ed-90af-09bb6422b258 + type: string + required: + - id + SLOs_delete_slo_instances_request: + description: > + The delete SLO instances request takes a list of SLO id and instance id, + then delete the rollup and summary data. This API can be used to remove + the staled data of an instance SLO that no longer get updated. + properties: + list: + description: An array of slo id and instance id + items: + type: object + properties: + instanceId: + description: The SLO instance identifier + example: 8853df00-ae2e-11ed-90af-09bb6422b258 + type: string + sloId: + description: The SLO unique identifier + example: 8853df00-ae2e-11ed-90af-09bb6422b258 + type: string + required: + - sloId + - instanceId + type: array + required: + - list + title: Delete SLO instances request + type: object + SLOs_error_budget: + title: Error budget + type: object + properties: + consumed: + description: The error budget consummed, as a percentage of the initial value. + example: 0.8 + type: number + initial: + description: The initial error budget, as 1 - objective + example: 0.02 + type: number + isEstimated: + description: >- + Only for SLO defined with occurrences budgeting method and calendar + aligned time window. + example: true + type: boolean + remaining: + description: The error budget remaining, as a percentage of the initial value. + example: 0.2 + type: number + required: + - initial + - consumed + - remaining + - isEstimated + SLOs_filter: + description: Defines properties for a filter + properties: + meta: + $ref: '#/components/schemas/SLOs_filter_meta' + query: + type: object + title: Filter + type: object + SLOs_filter_meta: + description: Defines properties for a filter + properties: + alias: + nullable: true + type: string + controlledBy: + type: string + disabled: + type: boolean + field: + type: string + group: + type: string + index: + type: string + isMultiIndex: + type: boolean + key: + type: string + negate: + type: boolean + params: + type: object + type: + type: string + value: + type: string + title: FilterMeta + type: object + SLOs_find_slo_response: + description: | + A paginated response of SLOs matching the query. + properties: + page: + example: 1 + type: number + perPage: + example: 25 + type: number + results: + items: + $ref: '#/components/schemas/SLOs_slo_with_summary_response' + type: array + total: + example: 34 + type: number + title: Find SLO response + type: object + SLOs_indicator_properties_apm_availability: + description: Defines properties for the APM availability indicator type + type: object + properties: + params: + description: An object containing the indicator parameters. + nullable: false + type: object + properties: + environment: + description: The APM service environment or "*" + example: production + type: string + filter: + description: KQL query used for filtering the data + example: 'service.foo : "bar"' + type: string + index: + description: The index used by APM metrics + example: metrics-apm*,apm* + type: string + service: + description: The APM service name + example: o11y-app + type: string + transactionName: + description: The APM transaction name or "*" + example: GET /my/api + type: string + transactionType: + description: The APM transaction type or "*" + example: request + type: string + required: + - service + - environment + - transactionType + - transactionName + - index + type: + description: The type of indicator. + example: sli.apm.transactionDuration + type: string + required: + - type + - params + title: APM availability + SLOs_indicator_properties_apm_latency: + description: Defines properties for the APM latency indicator type + type: object + properties: + params: + description: An object containing the indicator parameters. + nullable: false + type: object + properties: + environment: + description: The APM service environment or "*" + example: production + type: string + filter: + description: KQL query used for filtering the data + example: 'service.foo : "bar"' + type: string + index: + description: The index used by APM metrics + example: metrics-apm*,apm* + type: string + service: + description: The APM service name + example: o11y-app + type: string + threshold: + description: The latency threshold in milliseconds + example: 250 + type: number + transactionName: + description: The APM transaction name or "*" + example: GET /my/api + type: string + transactionType: + description: The APM transaction type or "*" + example: request + type: string + required: + - service + - environment + - transactionType + - transactionName + - index + - threshold + type: + description: The type of indicator. + example: sli.apm.transactionDuration + type: string + required: + - type + - params + title: APM latency + SLOs_indicator_properties_custom_kql: + description: Defines properties for a custom query indicator type + type: object + properties: + params: + description: An object containing the indicator parameters. + nullable: false + type: object + properties: + dataViewId: + description: >- + The kibana data view id to use, primarily used to include data + view runtime mappings. Make sure to save SLO again if you + add/update run time fields to the data view and if those fields + are being used in slo queries. + example: 03b80ab3-003d-498b-881c-3beedbaf1162 + type: string + filter: + $ref: '#/components/schemas/SLOs_kql_with_filters' + good: + $ref: '#/components/schemas/SLOs_kql_with_filters_good' + index: + description: The index or index pattern to use + example: my-service-* + type: string + timestampField: + description: | + The timestamp field used in the source indice. + example: timestamp + type: string + total: + $ref: '#/components/schemas/SLOs_kql_with_filters_total' + required: + - index + - timestampField + - good + - total + type: + description: The type of indicator. + example: sli.kql.custom + type: string + required: + - type + - params + title: Custom Query + SLOs_indicator_properties_custom_metric: + description: Defines properties for a custom metric indicator type + type: object + properties: + params: + description: An object containing the indicator parameters. + nullable: false + type: object + properties: + dataViewId: + description: >- + The kibana data view id to use, primarily used to include data + view runtime mappings. Make sure to save SLO again if you + add/update run time fields to the data view and if those fields + are being used in slo queries. + example: 03b80ab3-003d-498b-881c-3beedbaf1162 + type: string + filter: + description: the KQL query to filter the documents with. + example: 'field.environment : "production" and service.name : "my-service"' + type: string + good: + description: | + An object defining the "good" metrics and equation + type: object + properties: + equation: + description: The equation to calculate the "good" metric. + example: A + type: string + metrics: + description: >- + List of metrics with their name, aggregation type, and + field. + items: + type: object + properties: + aggregation: + description: >- + The aggregation type of the metric. Only valid option + is "sum" + enum: + - sum + example: sum + type: string + field: + description: The field of the metric. + example: processor.processed + type: string + filter: + description: The filter to apply to the metric. + example: 'processor.outcome: "success"' + type: string + name: + description: The name of the metric. Only valid options are A-Z + example: A + pattern: ^[A-Z]$ + type: string + required: + - name + - aggregation + - field + type: array + required: + - metrics + - equation + index: + description: The index or index pattern to use + example: my-service-* + type: string + timestampField: + description: | + The timestamp field used in the source indice. + example: timestamp + type: string + total: + description: | + An object defining the "total" metrics and equation + type: object + properties: + equation: + description: The equation to calculate the "total" metric. + example: A + type: string + metrics: + description: >- + List of metrics with their name, aggregation type, and + field. + items: + type: object + properties: + aggregation: + description: >- + The aggregation type of the metric. Only valid option + is "sum" + enum: + - sum + example: sum + type: string + field: + description: The field of the metric. + example: processor.processed + type: string + filter: + description: The filter to apply to the metric. + example: 'processor.outcome: *' + type: string + name: + description: The name of the metric. Only valid options are A-Z + example: A + pattern: ^[A-Z]$ + type: string + required: + - name + - aggregation + - field + type: array + required: + - metrics + - equation + required: + - index + - timestampField + - good + - total + type: + description: The type of indicator. + example: sli.metric.custom + type: string + required: + - type + - params + title: Custom metric + SLOs_indicator_properties_histogram: + description: Defines properties for a histogram indicator type + type: object + properties: + params: + description: An object containing the indicator parameters. + nullable: false + type: object + properties: + dataViewId: + description: >- + The kibana data view id to use, primarily used to include data + view runtime mappings. Make sure to save SLO again if you + add/update run time fields to the data view and if those fields + are being used in slo queries. + example: 03b80ab3-003d-498b-881c-3beedbaf1162 + type: string + filter: + description: the KQL query to filter the documents with. + example: 'field.environment : "production" and service.name : "my-service"' + type: string + good: + description: | + An object defining the "good" events + type: object + properties: + aggregation: + description: The type of aggregation to use. + enum: + - value_count + - range + example: value_count + type: string + field: + description: The field use to aggregate the good events. + example: processor.latency + type: string + filter: + description: The filter for good events. + example: 'processor.outcome: "success"' + type: string + from: + description: >- + The starting value of the range. Only required for "range" + aggregations. + example: 0 + type: number + to: + description: >- + The ending value of the range. Only required for "range" + aggregations. + example: 100 + type: number + required: + - aggregation + - field + index: + description: The index or index pattern to use + example: my-service-* + type: string + timestampField: + description: | + The timestamp field used in the source indice. + example: timestamp + type: string + total: + description: | + An object defining the "total" events + type: object + properties: + aggregation: + description: The type of aggregation to use. + enum: + - value_count + - range + example: value_count + type: string + field: + description: The field use to aggregate the good events. + example: processor.latency + type: string + filter: + description: The filter for total events. + example: 'processor.outcome : *' + type: string + from: + description: >- + The starting value of the range. Only required for "range" + aggregations. + example: 0 + type: number + to: + description: >- + The ending value of the range. Only required for "range" + aggregations. + example: 100 + type: number + required: + - aggregation + - field + required: + - index + - timestampField + - good + - total + type: + description: The type of indicator. + example: sli.histogram.custom + type: string + required: + - type + - params + title: Histogram indicator + SLOs_indicator_properties_timeslice_metric: + description: Defines properties for a timeslice metric indicator type + type: object + properties: + params: + description: An object containing the indicator parameters. + nullable: false + type: object + properties: + dataViewId: + description: >- + The kibana data view id to use, primarily used to include data + view runtime mappings. Make sure to save SLO again if you + add/update run time fields to the data view and if those fields + are being used in slo queries. + example: 03b80ab3-003d-498b-881c-3beedbaf1162 + type: string + filter: + description: the KQL query to filter the documents with. + example: 'field.environment : "production" and service.name : "my-service"' + type: string + index: + description: The index or index pattern to use + example: my-service-* + type: string + metric: + description: > + An object defining the metrics, equation, and threshold to + determine if it's a good slice or not + type: object + properties: + comparator: + description: >- + The comparator to use to compare the equation to the + threshold. + enum: + - GT + - GTE + - LT + - LTE + example: GT + type: string + equation: + description: The equation to calculate the metric. + example: A + type: string + metrics: + description: >- + List of metrics with their name, aggregation type, and + field. + items: + anyOf: + - $ref: >- + #/components/schemas/SLOs_timeslice_metric_basic_metric_with_field + - $ref: >- + #/components/schemas/SLOs_timeslice_metric_percentile_metric + - $ref: >- + #/components/schemas/SLOs_timeslice_metric_doc_count_metric + type: array + threshold: + description: >- + The threshold used to determine if the metric is a good + slice or not. + example: 100 + type: number + required: + - metrics + - equation + - comparator + - threshold + timestampField: + description: | + The timestamp field used in the source indice. + example: timestamp + type: string + required: + - index + - timestampField + - metric + type: + description: The type of indicator. + example: sli.metric.timeslice + type: string + required: + - type + - params + title: Timeslice metric + SLOs_kql_with_filters: + description: Defines properties for a filter + oneOf: + - description: the KQL query to filter the documents with. + example: 'field.environment : "production" and service.name : "my-service"' + type: string + - type: object + properties: + filters: + items: + $ref: '#/components/schemas/SLOs_filter' + type: array + kqlQuery: + type: string + title: KQL with filters + SLOs_kql_with_filters_good: + description: The KQL query used to define the good events. + oneOf: + - description: the KQL query to filter the documents with. + example: 'request.latency <= 150 and request.status_code : "2xx"' + type: string + - type: object + properties: + filters: + items: + $ref: '#/components/schemas/SLOs_filter' + type: array + kqlQuery: + type: string + title: KQL query for good events + SLOs_kql_with_filters_total: + description: The KQL query used to define all events. + oneOf: + - description: the KQL query to filter the documents with. + example: 'field.environment : "production" and service.name : "my-service"' + type: string + - type: object + properties: + filters: + items: + $ref: '#/components/schemas/SLOs_filter' + type: array + kqlQuery: + type: string + title: KQL query for all events + SLOs_objective: + description: Defines properties for the SLO objective + type: object + properties: + target: + description: the target objective between 0 and 1 excluded + example: 0.99 + exclusiveMaximum: true + exclusiveMinimum: true + maximum: 100 + minimum: 0 + type: number + timesliceTarget: + description: >- + the target objective for each slice when using a timeslices + budgeting method + example: 0.995 + maximum: 100 + minimum: 0 + type: number + timesliceWindow: + description: >- + the duration of each slice when using a timeslices budgeting method, + as {duraton}{unit} + example: 5m + type: string + required: + - target + title: Objective + SLOs_settings: + description: Defines properties for SLO settings. + properties: + frequency: + default: 1m + description: Configure how often the transform runs, default 1m + example: 5m + type: string + preventInitialBackfill: + default: false + description: Prevents the transform from backfilling data when it starts. + example: true + type: boolean + syncDelay: + default: 1m + description: The synch delay to apply to the transform. Default 1m + example: 5m + type: string + title: Settings + type: object + SLOs_slo_definition_response: + title: SLO definition response + type: object + properties: + budgetingMethod: + $ref: '#/components/schemas/SLOs_budgeting_method' + createdAt: + description: The creation date + example: '2023-01-12T10:03:19.000Z' + type: string + description: + description: The description of the SLO. + example: My SLO description + type: string + enabled: + description: Indicate if the SLO is enabled + example: true + type: boolean + groupBy: + description: optional group by field to use to generate an SLO per distinct value + example: some.field + type: string + id: + description: The identifier of the SLO. + example: 8853df00-ae2e-11ed-90af-09bb6422b258 + type: string + indicator: + discriminator: + mapping: + sli.apm.transactionDuration: '#/components/schemas/SLOs_indicator_properties_apm_latency' + sli.apm.transactionErrorRate: '#/components/schemas/SLOs_indicator_properties_apm_availability' + sli.histogram.custom: '#/components/schemas/SLOs_indicator_properties_histogram' + sli.kql.custom: '#/components/schemas/SLOs_indicator_properties_custom_kql' + sli.metric.custom: '#/components/schemas/SLOs_indicator_properties_custom_metric' + sli.metric.timeslice: '#/components/schemas/SLOs_indicator_properties_timeslice_metric' + propertyName: type + oneOf: + - $ref: '#/components/schemas/SLOs_indicator_properties_custom_kql' + - $ref: '#/components/schemas/SLOs_indicator_properties_apm_availability' + - $ref: '#/components/schemas/SLOs_indicator_properties_apm_latency' + - $ref: '#/components/schemas/SLOs_indicator_properties_custom_metric' + - $ref: '#/components/schemas/SLOs_indicator_properties_histogram' + - $ref: '#/components/schemas/SLOs_indicator_properties_timeslice_metric' + name: + description: The name of the SLO. + example: My Service SLO + type: string + objective: + $ref: '#/components/schemas/SLOs_objective' + revision: + description: The SLO revision + example: 2 + type: number + settings: + $ref: '#/components/schemas/SLOs_settings' + tags: + description: List of tags + items: + type: string + type: array + timeWindow: + $ref: '#/components/schemas/SLOs_time_window' + updatedAt: + description: The last update date + example: '2023-01-12T10:03:19.000Z' + type: string + version: + description: The internal SLO version + example: 2 + type: number + required: + - id + - name + - description + - indicator + - timeWindow + - budgetingMethod + - objective + - settings + - revision + - enabled + - groupBy + - tags + - createdAt + - updatedAt + - version + SLOs_slo_with_summary_response: + title: SLO response + type: object + properties: + budgetingMethod: + $ref: '#/components/schemas/SLOs_budgeting_method' + createdAt: + description: The creation date + example: '2023-01-12T10:03:19.000Z' + type: string + description: + description: The description of the SLO. + example: My SLO description + type: string + enabled: + description: Indicate if the SLO is enabled + example: true + type: boolean + groupBy: + description: optional group by field to use to generate an SLO per distinct value + example: some.field + type: string + id: + description: The identifier of the SLO. + example: 8853df00-ae2e-11ed-90af-09bb6422b258 + type: string + indicator: + discriminator: + mapping: + sli.apm.transactionDuration: '#/components/schemas/SLOs_indicator_properties_apm_latency' + sli.apm.transactionErrorRate: '#/components/schemas/SLOs_indicator_properties_apm_availability' + sli.histogram.custom: '#/components/schemas/SLOs_indicator_properties_histogram' + sli.kql.custom: '#/components/schemas/SLOs_indicator_properties_custom_kql' + sli.metric.custom: '#/components/schemas/SLOs_indicator_properties_custom_metric' + sli.metric.timeslice: '#/components/schemas/SLOs_indicator_properties_timeslice_metric' + propertyName: type + oneOf: + - $ref: '#/components/schemas/SLOs_indicator_properties_custom_kql' + - $ref: '#/components/schemas/SLOs_indicator_properties_apm_availability' + - $ref: '#/components/schemas/SLOs_indicator_properties_apm_latency' + - $ref: '#/components/schemas/SLOs_indicator_properties_custom_metric' + - $ref: '#/components/schemas/SLOs_indicator_properties_histogram' + - $ref: '#/components/schemas/SLOs_indicator_properties_timeslice_metric' + instanceId: + description: the value derived from the groupBy field, if present, otherwise '*' + example: host-abcde + type: string + name: + description: The name of the SLO. + example: My Service SLO + type: string + objective: + $ref: '#/components/schemas/SLOs_objective' + revision: + description: The SLO revision + example: 2 + type: number + settings: + $ref: '#/components/schemas/SLOs_settings' + summary: + $ref: '#/components/schemas/SLOs_summary' + tags: + description: List of tags + items: + type: string + type: array + timeWindow: + $ref: '#/components/schemas/SLOs_time_window' + updatedAt: + description: The last update date + example: '2023-01-12T10:03:19.000Z' + type: string + version: + description: The internal SLO version + example: 2 + type: number + required: + - id + - name + - description + - indicator + - timeWindow + - budgetingMethod + - objective + - settings + - revision + - summary + - enabled + - groupBy + - instanceId + - tags + - createdAt + - updatedAt + - version + SLOs_summary: + description: The SLO computed data + properties: + errorBudget: + $ref: '#/components/schemas/SLOs_error_budget' + sliValue: + example: 0.9836 + type: number + status: + $ref: '#/components/schemas/SLOs_summary_status' + required: + - status + - sliValue + - errorBudget + title: Summary + type: object + SLOs_summary_status: + enum: + - NO_DATA + - HEALTHY + - DEGRADING + - VIOLATED + example: HEALTHY + title: summary status + type: string + SLOs_time_window: + description: Defines properties for the SLO time window + type: object + properties: + duration: + description: >- + the duration formatted as {duration}{unit}. Accepted values for + rolling: 7d, 30d, 90d. Accepted values for calendar aligned: 1w + (weekly) or 1M (monthly) + example: 30d + type: string + type: + description: >- + Indicates weither the time window is a rolling or a calendar aligned + time window. + enum: + - rolling + - calendarAligned + example: rolling + type: string + required: + - duration + - type + title: Time window + SLOs_timeslice_metric_basic_metric_with_field: + type: object + properties: + aggregation: + description: The aggregation type of the metric. + enum: + - sum + - avg + - min + - max + - std_deviation + - last_value + - cardinality + example: sum + type: string + field: + description: The field of the metric. + example: processor.processed + type: string + filter: + description: The filter to apply to the metric. + example: 'processor.outcome: "success"' + type: string + name: + description: The name of the metric. Only valid options are A-Z + example: A + pattern: ^[A-Z]$ + type: string + required: + - name + - aggregation + - field + title: Timeslice Metric Basic Metric with Field + SLOs_timeslice_metric_doc_count_metric: + type: object + properties: + aggregation: + description: The aggregation type of the metric. Only valid option is "doc_count" + enum: + - doc_count + example: doc_count + type: string + filter: + description: The filter to apply to the metric. + example: 'processor.outcome: "success"' + type: string + name: + description: The name of the metric. Only valid options are A-Z + example: A + pattern: ^[A-Z]$ + type: string + required: + - name + - aggregation + title: Timeslice Metric Doc Count Metric + SLOs_timeslice_metric_percentile_metric: + type: object + properties: + aggregation: + description: >- + The aggregation type of the metric. Only valid option is + "percentile" + enum: + - percentile + example: percentile + type: string + field: + description: The field of the metric. + example: processor.processed + type: string + filter: + description: The filter to apply to the metric. + example: 'processor.outcome: "success"' + type: string + name: + description: The name of the metric. Only valid options are A-Z + example: A + pattern: ^[A-Z]$ + type: string + percentile: + description: The percentile value. + example: 95 + type: number + required: + - name + - aggregation + - field + - percentile + title: Timeslice Metric Percentile Metric + SLOs_update_slo_request: + description: > + The update SLO API request body varies depending on the type of + indicator, time window and budgeting method. Partial update is handled. + properties: + budgetingMethod: + $ref: '#/components/schemas/SLOs_budgeting_method' + description: + description: A description for the SLO. + type: string + indicator: + oneOf: + - $ref: '#/components/schemas/SLOs_indicator_properties_custom_kql' + - $ref: '#/components/schemas/SLOs_indicator_properties_apm_availability' + - $ref: '#/components/schemas/SLOs_indicator_properties_apm_latency' + - $ref: '#/components/schemas/SLOs_indicator_properties_custom_metric' + - $ref: '#/components/schemas/SLOs_indicator_properties_histogram' + - $ref: '#/components/schemas/SLOs_indicator_properties_timeslice_metric' + name: + description: A name for the SLO. + type: string + objective: + $ref: '#/components/schemas/SLOs_objective' + settings: + $ref: '#/components/schemas/SLOs_settings' + tags: + description: List of tags + items: + type: string + type: array + timeWindow: + $ref: '#/components/schemas/SLOs_time_window' + title: Update SLO request + type: object + securitySchemes: + apiKeyAuth: + description: >- + You must create an API key and use the encoded value in the request + header. To learn about creating keys, go to [API + keys](https://www.elastic.co/docs/current/serverless/api-keys). + in: header + name: Authorization + type: apiKey +security: + - apiKeyAuth: [] +tags: + - name: alerting + - description: > + Configure APM agent keys to authorize requests from APM agents to the APM + Server. + name: APM agent keys + - description: > + Annotate visualizations in the APM app with significant events. + Annotations enable you to easily see how events are impacting the + performance of your applications. + name: APM annotations + - name: connectors + - name: Data streams + - description: >- + Data view APIs enable you to manage data views, formerly known as Kibana + index patterns. + name: data views + - name: Elastic Agent actions + - name: Elastic Agent binary download sources + - name: Elastic Agent policies + - name: Elastic Agent status + - name: Elastic Agents + - name: Elastic Package Manager (EPM) + - name: Fleet enrollment API keys + - name: Fleet internals + - name: Fleet Kubernetes + - name: Fleet outputs + - name: Fleet package policies + - name: Fleet proxies + - name: Fleet Server hosts + - name: Fleet service tokens + - name: Fleet uninstall tokens + - description: Machine learning + name: ml + - description: > + Export sets of saved objects that you want to import into {kib}, resolve + import errors, and rotate an encryption key for encrypted saved objects + with the saved objects APIs. + + + To manage a specific type of saved object, use the corresponding APIs. + + For example, use: + + + [Data views](../group/endpoint-data-views) + + + Warning: Do not write documents directly to the `.kibana` index. When you + write directly to the `.kibana` index, the data becomes corrupted and + permanently breaks future Kibana versions. + name: saved objects + x-displayName: Saved objects + - description: Manage and interact with Security Assistant resources. + name: Security AI Assistant API + - description: >- + You can create rules that automatically turn events and external alerts + sent to Elastic Security into detection alerts. These alerts are displayed + on the Detections page. + name: Security Solution Detections API + - description: >- + Endpoint Exceptions API allows you to manage detection rule endpoint + exceptions to prevent a rule from generating an alert from incoming events + even when the rule's other criteria are met. + name: Security Solution Endpoint Exceptions API + - description: Interact with and manage endpoints running the Elastic Defend integration. + name: Security Solution Endpoint Management API + - description: '' + name: Security Solution Entity Analytics API + - description: >- + Exceptions API allows you to manage detection rule exceptions to prevent a + rule from generating an alert from incoming events even when the rule's + other criteria are met. + name: Security Solution Exceptions API + - description: Lists API allows you to manage lists of keywords, IPs or IP ranges items. + name: Security Solution Lists API + - description: Run live queries, manage packs and saved queries. + name: Security Solution Osquery API + - description: >- + You can create Timelines and Timeline templates via the API, as well as + import new Timelines from an ndjson file. + name: Security Solution Timeline API + - description: SLO APIs enable you to define, manage and track service-level objectives + name: slo + - name: system diff --git a/oas_docs/output/kibana.serverless.yaml b/oas_docs/output/kibana.serverless.yaml index caaee59e30287..ba913ee77b54b 100644 --- a/oas_docs/output/kibana.serverless.yaml +++ b/oas_docs/output/kibana.serverless.yaml @@ -61,27 +61,27 @@ info: version: 1.0.2 x-doc-license: name: Attribution-NonCommercial-NoDerivatives 4.0 International - url: 'https://creativecommons.org/licenses/by-nc-nd/4.0/' + url: https://creativecommons.org/licenses/by-nc-nd/4.0/ x-feedbackLink: label: Feedback url: >- https://github.com/elastic/docs-content/issues/new?assignees=&labels=feedback%2Ccommunity&projects=&template=api-feedback.yaml&title=%5BFeedback%5D%3A+ servers: - - url: 'http://{kibana_host}:{port}' + - url: http://{kibana_host}:{port} variables: kibana_host: default: localhost port: default: '5601' - - url: 'http://localhost:5622' - - url: 'https://{kibana_url}' + - url: http://localhost:5622 + - url: https://{kibana_url} variables: kibana_url: - default: 'localhost:5601' + default: localhost:5601 - url: / - - url: 'http://KIBANA_HOST:5601' + - url: http://KIBANA_HOST:5601 - description: local - url: 'http://localhost:5601' + url: http://localhost:5601 paths: /api/actions: get: @@ -146,11 +146,53 @@ paths: - actionTypeId responses: '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + type: object + properties: + config: + additionalProperties: {} + type: object + connector_type_id: + description: The connector type identifier. + type: string + id: + description: The identifier for the connector. + type: string + is_deprecated: + description: Indicates whether the connector is deprecated. + type: boolean + is_missing_secrets: + description: Indicates whether the connector is missing secrets. + type: boolean + is_preconfigured: + description: >- + Indicates whether the connector is preconfigured. If true, + the `config` and `is_missing_secrets` properties are + omitted from the response. + type: boolean + is_system_action: + description: >- + Indicates whether the connector is used for system + actions. + type: boolean + name: + description: ' The name of the rule.' + type: string + required: + - id + - name + - connector_type_id + - is_preconfigured + - is_deprecated + - is_system_action description: Indicates a successful call. summary: Create a connector tags: - connectors - '/api/actions/action/{id}': + /api/actions/action/{id}: delete: deprecated: true description: 'WARNING: When you delete a connector, it cannot be recovered.' @@ -203,6 +245,48 @@ paths: type: string responses: '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + type: object + properties: + config: + additionalProperties: {} + type: object + connector_type_id: + description: The connector type identifier. + type: string + id: + description: The identifier for the connector. + type: string + is_deprecated: + description: Indicates whether the connector is deprecated. + type: boolean + is_missing_secrets: + description: Indicates whether the connector is missing secrets. + type: boolean + is_preconfigured: + description: >- + Indicates whether the connector is preconfigured. If true, + the `config` and `is_missing_secrets` properties are + omitted from the response. + type: boolean + is_system_action: + description: >- + Indicates whether the connector is used for system + actions. + type: boolean + name: + description: ' The name of the rule.' + type: string + required: + - id + - name + - connector_type_id + - is_preconfigured + - is_deprecated + - is_system_action description: Indicates a successful call. summary: Get connector information tags: @@ -253,11 +337,53 @@ paths: - name responses: '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + type: object + properties: + config: + additionalProperties: {} + type: object + connector_type_id: + description: The connector type identifier. + type: string + id: + description: The identifier for the connector. + type: string + is_deprecated: + description: Indicates whether the connector is deprecated. + type: boolean + is_missing_secrets: + description: Indicates whether the connector is missing secrets. + type: boolean + is_preconfigured: + description: >- + Indicates whether the connector is preconfigured. If true, + the `config` and `is_missing_secrets` properties are + omitted from the response. + type: boolean + is_system_action: + description: >- + Indicates whether the connector is used for system + actions. + type: boolean + name: + description: ' The name of the rule.' + type: string + required: + - id + - name + - connector_type_id + - is_preconfigured + - is_deprecated + - is_system_action description: Indicates a successful call. summary: Update a connector tags: - connectors - '/api/actions/action/{id}/_execute': + /api/actions/action/{id}/_execute: post: deprecated: true operationId: '%2Fapi%2Factions%2Faction%2F%7Bid%7D%2F_execute#0' @@ -297,6 +423,48 @@ paths: - params responses: '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + type: object + properties: + config: + additionalProperties: {} + type: object + connector_type_id: + description: The connector type identifier. + type: string + id: + description: The identifier for the connector. + type: string + is_deprecated: + description: Indicates whether the connector is deprecated. + type: boolean + is_missing_secrets: + description: Indicates whether the connector is missing secrets. + type: boolean + is_preconfigured: + description: >- + Indicates whether the connector is preconfigured. If true, + the `config` and `is_missing_secrets` properties are + omitted from the response. + type: boolean + is_system_action: + description: >- + Indicates whether the connector is used for system + actions. + type: boolean + name: + description: ' The name of the rule.' + type: string + required: + - id + - name + - connector_type_id + - is_preconfigured + - is_deprecated + - is_system_action description: Indicates a successful call. summary: Run a connector tags: @@ -326,7 +494,7 @@ paths: summary: Get connector types tags: - connectors - '/api/actions/connector/{id}': + /api/actions/connector/{id}: delete: description: 'WARNING: When you delete a connector, it cannot be recovered.' operationId: '%2Fapi%2Factions%2Fconnector%2F%7Bid%7D#0' @@ -377,6 +545,48 @@ paths: type: string responses: '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + type: object + properties: + config: + additionalProperties: {} + type: object + connector_type_id: + description: The connector type identifier. + type: string + id: + description: The identifier for the connector. + type: string + is_deprecated: + description: Indicates whether the connector is deprecated. + type: boolean + is_missing_secrets: + description: Indicates whether the connector is missing secrets. + type: boolean + is_preconfigured: + description: >- + Indicates whether the connector is preconfigured. If true, + the `config` and `is_missing_secrets` properties are + omitted from the response. + type: boolean + is_system_action: + description: >- + Indicates whether the connector is used for system + actions. + type: boolean + name: + description: ' The name of the rule.' + type: string + required: + - id + - name + - connector_type_id + - is_preconfigured + - is_deprecated + - is_system_action description: Indicates a successful call. summary: Get connector information tags: @@ -399,7 +609,8 @@ paths: schema: example: 'true' type: string - - in: path + - description: An identifier for the connector. + in: path name: id required: false schema: @@ -430,6 +641,48 @@ paths: - connector_type_id responses: '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + type: object + properties: + config: + additionalProperties: {} + type: object + connector_type_id: + description: The connector type identifier. + type: string + id: + description: The identifier for the connector. + type: string + is_deprecated: + description: Indicates whether the connector is deprecated. + type: boolean + is_missing_secrets: + description: Indicates whether the connector is missing secrets. + type: boolean + is_preconfigured: + description: >- + Indicates whether the connector is preconfigured. If true, + the `config` and `is_missing_secrets` properties are + omitted from the response. + type: boolean + is_system_action: + description: >- + Indicates whether the connector is used for system + actions. + type: boolean + name: + description: ' The name of the rule.' + type: string + required: + - id + - name + - connector_type_id + - is_preconfigured + - is_deprecated + - is_system_action description: Indicates a successful call. summary: Create a connector tags: @@ -480,11 +733,53 @@ paths: - name responses: '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + type: object + properties: + config: + additionalProperties: {} + type: object + connector_type_id: + description: The connector type identifier. + type: string + id: + description: The identifier for the connector. + type: string + is_deprecated: + description: Indicates whether the connector is deprecated. + type: boolean + is_missing_secrets: + description: Indicates whether the connector is missing secrets. + type: boolean + is_preconfigured: + description: >- + Indicates whether the connector is preconfigured. If true, + the `config` and `is_missing_secrets` properties are + omitted from the response. + type: boolean + is_system_action: + description: >- + Indicates whether the connector is used for system + actions. + type: boolean + name: + description: ' The name of the rule.' + type: string + required: + - id + - name + - connector_type_id + - is_preconfigured + - is_deprecated + - is_system_action description: Indicates a successful call. summary: Update a connector tags: - connectors - '/api/actions/connector/{id}/_execute': + /api/actions/connector/{id}/_execute: post: description: >- You can use this API to test an action that involves interaction with @@ -526,6 +821,48 @@ paths: - params responses: '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + type: object + properties: + config: + additionalProperties: {} + type: object + connector_type_id: + description: The connector type identifier. + type: string + id: + description: The identifier for the connector. + type: string + is_deprecated: + description: Indicates whether the connector is deprecated. + type: boolean + is_missing_secrets: + description: Indicates whether the connector is missing secrets. + type: boolean + is_preconfigured: + description: >- + Indicates whether the connector is preconfigured. If true, + the `config` and `is_missing_secrets` properties are + omitted from the response. + type: boolean + is_system_action: + description: >- + Indicates whether the connector is used for system + actions. + type: boolean + name: + description: ' The name of the rule.' + type: string + required: + - id + - name + - connector_type_id + - is_preconfigured + - is_deprecated + - is_system_action description: Indicates a successful call. summary: Run a connector tags: @@ -563,7 +900,7 @@ paths: summary: Get connector types tags: - connectors - '/api/alerting/rule/{id}': + /api/alerting/rule/{id}: delete: operationId: '%2Fapi%2Falerting%2Frule%2F%7Bid%7D#2' parameters: @@ -591,6 +928,12 @@ paths: responses: '204': description: Indicates a successful call. + '400': + description: Indicates an invalid schema or parameters. + '403': + description: Indicates that this call is forbidden. + '404': + description: Indicates a rule with the given ID does not exist. summary: Delete a rule tags: - alerting @@ -1345,7 +1688,7 @@ paths: description: Recur the rule until this date. type: string wkst: - description: 'Indicates the start of week, defaults to Monday.' + description: Indicates the start of week, defaults to Monday. enum: - MO - TU @@ -1417,6 +1760,12 @@ paths: - execution_status - revision description: Indicates a successful call. + '400': + description: Indicates an invalid schema or parameters. + '403': + description: Indicates that this call is forbidden. + '404': + description: Indicates a rule with the given ID does not exist. summary: Get rule details tags: - alerting @@ -2480,7 +2829,7 @@ paths: description: Recur the rule until this date. type: string wkst: - description: 'Indicates the start of week, defaults to Monday.' + description: Indicates the start of week, defaults to Monday. enum: - MO - TU @@ -2552,6 +2901,12 @@ paths: - execution_status - revision description: Indicates a successful call. + '400': + description: Indicates an invalid schema or parameters. + '403': + description: Indicates that this call is forbidden. + '409': + description: Indicates that the rule id is already in use. summary: Create a rule tags: - alerting @@ -3586,7 +3941,7 @@ paths: description: Recur the rule until this date. type: string wkst: - description: 'Indicates the start of week, defaults to Monday.' + description: Indicates the start of week, defaults to Monday. enum: - MO - TU @@ -3658,10 +4013,18 @@ paths: - execution_status - revision description: Indicates a successful call. + '400': + description: Indicates an invalid schema or parameters. + '403': + description: Indicates that this call is forbidden. + '404': + description: Indicates a rule with the given ID does not exist. + '409': + description: Indicates that the rule has already been updated by another user. summary: Update a rule tags: - alerting - '/api/alerting/rule/{id}/_disable': + /api/alerting/rule/{id}/_disable: post: operationId: '%2Fapi%2Falerting%2Frule%2F%7Bid%7D%2F_disable#0' parameters: @@ -3701,10 +4064,16 @@ paths: responses: '204': description: Indicates a successful call. + '400': + description: Indicates an invalid schema. + '403': + description: Indicates that this call is forbidden. + '404': + description: Indicates a rule with the given ID does not exist. summary: Disable a rule tags: - alerting - '/api/alerting/rule/{id}/_enable': + /api/alerting/rule/{id}/_enable: post: operationId: '%2Fapi%2Falerting%2Frule%2F%7Bid%7D%2F_enable#0' parameters: @@ -3732,10 +4101,16 @@ paths: responses: '204': description: Indicates a successful call. + '400': + description: Indicates an invalid schema or parameters. + '403': + description: Indicates that this call is forbidden. + '404': + description: Indicates a rule with the given ID does not exist. summary: Enable a rule tags: - alerting - '/api/alerting/rule/{id}/_mute_all': + /api/alerting/rule/{id}/_mute_all: post: operationId: '%2Fapi%2Falerting%2Frule%2F%7Bid%7D%2F_mute_all#0' parameters: @@ -3766,7 +4141,7 @@ paths: summary: Mute all alerts tags: - alerting - '/api/alerting/rule/{id}/_unmute_all': + /api/alerting/rule/{id}/_unmute_all: post: operationId: '%2Fapi%2Falerting%2Frule%2F%7Bid%7D%2F_unmute_all#0' parameters: @@ -3797,7 +4172,7 @@ paths: summary: Unmute all alerts tags: - alerting - '/api/alerting/rule/{id}/_update_api_key': + /api/alerting/rule/{id}/_update_api_key: post: operationId: '%2Fapi%2Falerting%2Frule%2F%7Bid%7D%2F_update_api_key#0' parameters: @@ -3825,10 +4200,18 @@ paths: responses: '204': description: Indicates a successful call. + '400': + description: Indicates an invalid schema or parameters. + '403': + description: Indicates that this call is forbidden. + '404': + description: Indicates a rule with the given ID does not exist. + '409': + description: Indicates that the rule has already been updated by another user. summary: Update the API key for a rule tags: - alerting - '/api/alerting/rule/{rule_id}/alert/{alert_id}/_mute': + /api/alerting/rule/{rule_id}/alert/{alert_id}/_mute: post: operationId: >- %2Fapi%2Falerting%2Frule%2F%7Brule_id%7D%2Falert%2F%7Balert_id%7D%2F_mute#0 @@ -3863,10 +4246,16 @@ paths: responses: '204': description: Indicates a successful call. + '400': + description: Indicates an invalid schema or parameters. + '403': + description: Indicates that this call is forbidden. + '404': + description: Indicates a rule or alert with the given ID does not exist. summary: Mute an alert tags: - alerting - '/api/alerting/rule/{rule_id}/alert/{alert_id}/_unmute': + /api/alerting/rule/{rule_id}/alert/{alert_id}/_unmute: post: operationId: >- %2Fapi%2Falerting%2Frule%2F%7Brule_id%7D%2Falert%2F%7Balert_id%7D%2F_unmute#0 @@ -3901,6 +4290,12 @@ paths: responses: '204': description: Indicates a successful call. + '400': + description: Indicates an invalid schema or parameters. + '403': + description: Indicates that this call is forbidden. + '404': + description: Indicates a rule or alert with the given ID does not exist. summary: Unmute an alert tags: - alerting @@ -4756,7 +5151,7 @@ paths: description: Recur the rule until this date. type: string wkst: - description: 'Indicates the start of week, defaults to Monday.' + description: Indicates the start of week, defaults to Monday. enum: - MO - TU @@ -4828,6 +5223,10 @@ paths: - execution_status - revision description: Indicates a successful call. + '400': + description: Indicates an invalid schema or parameters. + '403': + description: Indicates that this call is forbidden. summary: Get information about rules tags: - alerting @@ -4846,8 +5245,8 @@ paths: privileges: items: enum: - - 'event:write' - - 'config_agent:read' + - event:write + - config_agent:read type: string type: array required: true @@ -4873,7 +5272,7 @@ paths: summary: Create an APM agent key tags: - APM agent keys - '/api/apm/services/{serviceName}/annotation': + /api/apm/services/{serviceName}/annotation: post: description: Create a new annotation for a specific service. operationId: createAnnotation @@ -4948,7 +5347,7 @@ paths: summary: Create a service annotation tags: - APM annotations - '/api/apm/services/{serviceName}/annotation/search': + /api/apm/services/{serviceName}/annotation/search: get: description: Search for annotations related to a specific service. operationId: getAnnotation @@ -5073,7 +5472,7 @@ paths: summary: Create a data view tags: - data views - '/api/data_views/data_view/{viewId}': + /api/data_views/data_view/{viewId}: delete: description: | WARNING: When you delete a data view, it cannot be recovered. @@ -5146,7 +5545,7 @@ paths: summary: Update a data view tags: - data views - '/api/data_views/data_view/{viewId}/fields': + /api/data_views/data_view/{viewId}/fields: post: description: > Update fields presentation metadata such as count, customLabel, @@ -5189,7 +5588,7 @@ paths: summary: Update data view fields metadata tags: - data views - '/api/data_views/data_view/{viewId}/runtime_field': + /api/data_views/data_view/{viewId}/runtime_field: post: operationId: createRuntimeFieldDefault parameters: @@ -5281,7 +5680,7 @@ paths: summary: Create or update a runtime field tags: - data views - '/api/data_views/data_view/{viewId}/runtime_field/{fieldName}': + /api/data_views/data_view/{viewId}/runtime_field/{fieldName}: delete: operationId: deleteRuntimeFieldDefault parameters: @@ -5588,7 +5987,7 @@ paths: summary: Create agent binary download source tags: - Elastic Agent binary download sources - '/api/fleet/agent_download_sources/{sourceId}': + /api/fleet/agent_download_sources/{sourceId}: delete: operationId: delete-download-source parameters: @@ -5791,7 +6190,7 @@ paths: summary: Bulk get agent policies tags: - Elastic Agent policies - '/api/fleet/agent_policies/{agentPolicyId}': + /api/fleet/agent_policies/{agentPolicyId}: get: description: Get one agent policy operationId: agent-policy-info @@ -5846,7 +6245,7 @@ paths: summary: Update agent policy by ID tags: - Elastic Agent policies - '/api/fleet/agent_policies/{agentPolicyId}/copy': + /api/fleet/agent_policies/{agentPolicyId}/copy: parameters: - in: path name: agentPolicyId @@ -5888,7 +6287,7 @@ paths: summary: Copy agent policy by ID tags: - Elastic Agent policies - '/api/fleet/agent_policies/{agentPolicyId}/download': + /api/fleet/agent_policies/{agentPolicyId}/download: get: operationId: agent-policy-download responses: @@ -5927,7 +6326,7 @@ paths: required: false schema: type: string - '/api/fleet/agent_policies/{agentPolicyId}/full': + /api/fleet/agent_policies/{agentPolicyId}/full: get: operationId: agent-policy-full responses: @@ -6210,7 +6609,7 @@ paths: summary: List agents by action ids tags: - Elastic Agents - '/api/fleet/agents/{agentId}': + /api/fleet/agents/{agentId}: delete: operationId: delete-agent parameters: @@ -6295,7 +6694,7 @@ paths: summary: Update agent by ID tags: - Elastic Agents - '/api/fleet/agents/{agentId}/actions': + /api/fleet/agents/{agentId}/actions: parameters: - in: path name: agentId @@ -6336,7 +6735,7 @@ paths: summary: Create agent action tags: - Elastic Agent actions - '/api/fleet/agents/{agentId}/reassign': + /api/fleet/agents/{agentId}/reassign: parameters: - in: path name: agentId @@ -6398,7 +6797,7 @@ paths: summary: Reassign agent tags: - Elastic Agents - '/api/fleet/agents/{agentId}/request_diagnostics': + /api/fleet/agents/{agentId}/request_diagnostics: parameters: - in: path name: agentId @@ -6437,7 +6836,7 @@ paths: summary: Request agent diagnostics tags: - Elastic Agents - '/api/fleet/agents/{agentId}/unenroll': + /api/fleet/agents/{agentId}/unenroll: parameters: - in: path name: agentId @@ -6483,7 +6882,7 @@ paths: summary: Unenroll agent tags: - Elastic Agents - '/api/fleet/agents/{agentId}/upgrade': + /api/fleet/agents/{agentId}/upgrade: parameters: - in: path name: agentId @@ -6512,7 +6911,7 @@ paths: summary: Upgrade agent tags: - Elastic Agents - '/api/fleet/agents/{agentId}/uploads': + /api/fleet/agents/{agentId}/uploads: get: operationId: list-agent-uploads responses: @@ -6656,7 +7055,7 @@ paths: summary: Get agent action status tags: - Elastic Agent actions - '/api/fleet/agents/actions/{actionId}/cancel': + /api/fleet/agents/actions/{actionId}/cancel: parameters: - in: path name: actionId @@ -6698,7 +7097,7 @@ paths: properties: agents: oneOf: - - description: 'KQL query string, leave empty to action all agents' + - description: KQL query string, leave empty to action all agents type: string - description: list of agent IDs items: @@ -6747,7 +7146,7 @@ paths: type: array agents: oneOf: - - description: 'KQL query string, leave empty to action all agents' + - description: KQL query string, leave empty to action all agents type: string - description: list of agent IDs items: @@ -6791,7 +7190,7 @@ paths: properties: agents: oneOf: - - description: 'KQL query string, leave empty to action all agents' + - description: KQL query string, leave empty to action all agents type: string - description: list of agent IDs items: @@ -6846,7 +7245,7 @@ paths: properties: agents: oneOf: - - description: 'KQL query string, leave empty to action all agents' + - description: KQL query string, leave empty to action all agents type: string - description: list of agent IDs items: @@ -6892,7 +7291,7 @@ paths: - agent1 - agent2 rollout_duration_seconds: 3600 - source_uri: 'https://artifacts.elastic.co/downloads/beats/elastic-agent' + source_uri: https://artifacts.elastic.co/downloads/beats/elastic-agent start_time: '2022-08-03T14:00:00.000Z' version: 8.4.0 schema: @@ -6913,7 +7312,7 @@ paths: summary: Bulk upgrade agents tags: - Elastic Agents - '/api/fleet/agents/files/{fileId}': + /api/fleet/agents/files/{fileId}: delete: operationId: delete-agent-upload-file responses: @@ -6942,7 +7341,7 @@ paths: required: true schema: type: string - '/api/fleet/agents/files/{fileId}/{fileName}': + /api/fleet/agents/files/{fileId}/{fileName}: get: operationId: get-agent-upload-file responses: @@ -7136,7 +7535,7 @@ paths: summary: Create enrollment API key tags: - Fleet enrollment API keys - '/api/fleet/enrollment_api_keys/{keyId}': + /api/fleet/enrollment_api_keys/{keyId}: delete: operationId: delete-enrollment-api-key parameters: @@ -7247,7 +7646,7 @@ paths: summary: Create enrollment API key tags: - Fleet enrollment API keys - '/api/fleet/enrollment-api-keys/{keyId}': + /api/fleet/enrollment-api-keys/{keyId}: delete: deprecated: true operationId: delete-enrollment-api-key-deprecated @@ -7532,7 +7931,7 @@ paths: summary: Bulk install packages tags: - Elastic Package Manager (EPM) - '/api/fleet/epm/packages/{pkgkey}': + /api/fleet/epm/packages/{pkgkey}: delete: deprecated: true operationId: delete-package-deprecated @@ -7692,7 +8091,7 @@ paths: summary: Install package tags: - Elastic Package Manager (EPM) - '/api/fleet/epm/packages/{pkgName}/{pkgVersion}': + /api/fleet/epm/packages/{pkgName}/{pkgVersion}: delete: operationId: delete-package parameters: @@ -7924,7 +8323,7 @@ paths: summary: Update package settings tags: - Elastic Package Manager (EPM) - '/api/fleet/epm/packages/{pkgName}/{pkgVersion}/{filePath}': + /api/fleet/epm/packages/{pkgName}/{pkgVersion}/{filePath}: get: operationId: packages-get-file responses: @@ -7962,7 +8361,7 @@ paths: required: true schema: type: string - '/api/fleet/epm/packages/{pkgName}/{pkgVersion}/transforms/authorize': + /api/fleet/epm/packages/{pkgName}/{pkgVersion}/transforms/authorize: post: description: '' operationId: reauthorize-transforms @@ -8028,7 +8427,7 @@ paths: summary: Authorize transforms tags: - Elastic Package Manager (EPM) - '/api/fleet/epm/packages/{pkgName}/stats': + /api/fleet/epm/packages/{pkgName}/stats: get: operationId: get-package-stats responses: @@ -8075,7 +8474,7 @@ paths: tags: - Elastic Package Manager (EPM) parameters: [] - '/api/fleet/epm/templates/{pkgName}/{pkgVersion}/inputs': + /api/fleet/epm/templates/{pkgName}/{pkgVersion}/inputs: get: operationId: get-inputs-template responses: @@ -8215,7 +8614,7 @@ paths: summary: Create Fleet Server host tags: - Fleet Server hosts - '/api/fleet/fleet_server_hosts/{itemId}': + /api/fleet/fleet_server_hosts/{itemId}: delete: operationId: delete-fleet-server-hosts parameters: @@ -8448,7 +8847,7 @@ paths: summary: Create output tags: - Fleet outputs - '/api/fleet/outputs/{outputId}': + /api/fleet/outputs/{outputId}: delete: operationId: delete-output parameters: @@ -8517,7 +8916,7 @@ paths: summary: Update output by ID tags: - Fleet outputs - '/api/fleet/outputs/{outputId}/health': + /api/fleet/outputs/{outputId}/health: get: operationId: get-output-health responses: @@ -8531,7 +8930,7 @@ paths: description: long message if unhealthy type: string state: - description: 'state of output, HEALTHY or DEGRADED' + description: state of output, HEALTHY or DEGRADED type: string timestamp: description: timestamp of reported state @@ -8653,7 +9052,7 @@ paths: summary: Bulk get package policies tags: - Fleet package policies - '/api/fleet/package_policies/{packagePolicyId}': + /api/fleet/package_policies/{packagePolicyId}: delete: operationId: delete-package-policy parameters: @@ -8925,7 +9324,7 @@ paths: summary: Create proxy tags: - Fleet proxies - '/api/fleet/proxies/{itemId}': + /api/fleet/proxies/{itemId}: delete: operationId: delete-fleet-proxies parameters: @@ -9184,7 +9583,7 @@ paths: summary: List metadata for latest uninstall tokens per agent policy tags: - Fleet uninstall tokens - '/api/fleet/uninstall_tokens/{uninstallTokenId}': + /api/fleet/uninstall_tokens/{uninstallTokenId}: get: operationId: get-uninstall-token parameters: @@ -9518,7 +9917,7 @@ paths: summary: Get Kibana's current status tags: - system - '/s/{spaceId}/api/observability/slos': + /s/{spaceId}/api/observability/slos: get: description: > You must have the `read` privileges for the **SLOs** feature in the @@ -9533,7 +9932,7 @@ paths: name: kqlQuery schema: type: string - - description: 'The page to use for pagination, must be greater or equal than 1' + - description: The page to use for pagination, must be greater or equal than 1 example: 1 in: query name: page @@ -9657,11 +10056,11 @@ paths: $ref: '#/components/schemas/SLOs_409_response' description: Conflict - The SLO id already exists servers: - - url: 'https://localhost:5601' + - url: https://localhost:5601 summary: Create an SLO tags: - slo - '/s/{spaceId}/api/observability/slos/_delete_instances': + /s/{spaceId}/api/observability/slos/_delete_instances: post: description: > The deletion occurs for the specified list of `sloId` and `instanceId`. @@ -9699,11 +10098,11 @@ paths: $ref: '#/components/schemas/SLOs_403_response' description: Unauthorized response servers: - - url: 'https://localhost:5601' + - url: https://localhost:5601 summary: Batch delete rollup and summary data tags: - slo - '/s/{spaceId}/api/observability/slos/{sloId}': + /s/{spaceId}/api/observability/slos/{sloId}: delete: description: > You must have the `write` privileges for the **SLOs** feature in the @@ -9841,7 +10240,7 @@ paths: summary: Update an SLO tags: - slo - '/s/{spaceId}/api/observability/slos/{sloId}/_reset': + /s/{spaceId}/api/observability/slos/{sloId}/_reset: post: description: > You must have the `write` privileges for the **SLOs** feature in the @@ -9885,7 +10284,7 @@ paths: summary: Reset an SLO tags: - slo - '/s/{spaceId}/api/observability/slos/{sloId}/disable': + /s/{spaceId}/api/observability/slos/{sloId}/disable: post: description: > You must have the `write` privileges for the **SLOs** feature in the @@ -9925,7 +10324,7 @@ paths: summary: Disable an SLO tags: - slo - '/s/{spaceId}/api/observability/slos/{sloId}/enable': + /s/{spaceId}/api/observability/slos/{sloId}/enable: post: description: > You must have the `write` privileges for the **SLOs** feature in the @@ -9975,7 +10374,7 @@ components: runtimeFieldMap: runtime_shape_name: script: - source: 'emit(doc[''shape_name''].value)' + source: emit(doc['shape_name'].value) type: keyword title: logstash-* Data_views_create_runtime_field_request: @@ -9984,7 +10383,7 @@ components: name: runtimeFoo runtimeField: script: - source: 'emit(doc["foo"].value)' + source: emit(doc["foo"].value) type: long Data_views_get_data_view_response: summary: >- @@ -10006,35 +10405,35 @@ components: products.base_price: id: number params: - pattern: '$0,0.00' + pattern: $0,0.00 products.base_unit_price: id: number params: - pattern: '$0,0.00' + pattern: $0,0.00 products.min_price: id: number params: - pattern: '$0,0.00' + pattern: $0,0.00 products.price: id: number params: - pattern: '$0,0.00' + pattern: $0,0.00 products.taxful_price: id: number params: - pattern: '$0,0.00' + pattern: $0,0.00 products.taxless_price: id: number params: - pattern: '$0,0.00' + pattern: $0,0.00 taxful_total_price: id: number params: - pattern: '$0,0.[00]' + pattern: $0,0.[00] taxless_total_price: id: number params: - pattern: '$0,0.00' + pattern: $0,0.00 fields: _id: aggregatable: false @@ -10510,7 +10909,7 @@ components: format: id: number params: - pattern: '$0,0.00' + pattern: $0,0.00 isMapped: true name: products.base_price readFromDocValues: true @@ -10526,7 +10925,7 @@ components: format: id: number params: - pattern: '$0,0.00' + pattern: $0,0.00 isMapped: true name: products.base_unit_price readFromDocValues: true @@ -10646,7 +11045,7 @@ components: format: id: number params: - pattern: '$0,0.00' + pattern: $0,0.00 isMapped: true name: products.min_price readFromDocValues: true @@ -10662,7 +11061,7 @@ components: format: id: number params: - pattern: '$0,0.00' + pattern: $0,0.00 isMapped: true name: products.price readFromDocValues: true @@ -10765,7 +11164,7 @@ components: format: id: number params: - pattern: '$0,0.00' + pattern: $0,0.00 isMapped: true name: products.taxful_price readFromDocValues: true @@ -10781,7 +11180,7 @@ components: format: id: number params: - pattern: '$0,0.00' + pattern: $0,0.00 isMapped: true name: products.taxless_price readFromDocValues: true @@ -10825,7 +11224,7 @@ components: format: id: number params: - pattern: '$0,0.[00]' + pattern: $0,0.[00] isMapped: true name: taxful_total_price readFromDocValues: true @@ -10841,7 +11240,7 @@ components: format: id: number params: - pattern: '$0,0.00' + pattern: $0,0.00 isMapped: true name: taxless_total_price readFromDocValues: true @@ -10952,7 +11351,7 @@ components: AvgTicketPrice: id: number params: - pattern: '$0,0.[00]' + pattern: $0,0.[00] hour_of_day: id: number params: @@ -11020,7 +11419,7 @@ components: format: id: number params: - pattern: '$0,0.[00]' + pattern: $0,0.[00] isMapped: true name: AvgTicketPrice readFromDocValues: true @@ -11295,7 +11694,7 @@ components: readFromDocValues: false runtimeField: script: - source: 'emit(doc[''timestamp''].value.getHour());' + source: emit(doc['timestamp'].value.getHour()); type: long scripted: false searchable: true @@ -11420,7 +11819,7 @@ components: runtimeFieldMap: hour_of_day: script: - source: 'emit(doc[''timestamp''].value.getHour());' + source: emit(doc['timestamp'].value.getHour()); type: long sourceFilters: [] timeFieldName: timestamp @@ -11435,7 +11834,7 @@ components: readFromDocValues: false runtimeField: script: - source: 'emit(doc[''timestamp''].value.getHour());' + source: emit(doc['timestamp'].value.getHour()); type: long scripted: false searchable: true @@ -11483,7 +11882,7 @@ components: value: runtimeField: script: - source: 'emit(doc["bar"].value)' + source: emit(doc["bar"].value) Machine_learning_APIs_mlSyncExample: summary: Two anomaly detection jobs required synchronization in this example. value: @@ -11654,7 +12053,7 @@ components: - desc type: string Fleet_with_metrics: - description: 'Return agent metrics, false by default' + description: Return agent metrics, false by default in: query name: withMetrics required: false @@ -11928,7 +12327,7 @@ components: - fromId - toId Data_views_timefieldname: - description: 'The timestamp field name, which you use for time-based data views.' + description: The timestamp field name, which you use for time-based data views. type: string Data_views_title: description: >- @@ -11936,7 +12335,7 @@ components: to search. Supports wildcards (`*`). type: string Data_views_type: - description: 'When set to `rollup`, identifies the rollup data views.' + description: When set to `rollup`, identifies the rollup data views. type: string Data_views_typemeta: description: >- @@ -12235,6 +12634,25 @@ components: collection will be disabled nullable: true type: boolean + monitoring_diagnostics: + type: object + properties: + limit: + type: object + properties: + burst: + type: number + interval: + type: string + uploader: + type: object + properties: + init_dur: + type: string + max_dur: + type: string + max_retries: + type: number monitoring_enabled: items: enum: @@ -12242,9 +12660,22 @@ components: - logs type: string type: array + monitoring_http: + type: object + properties: + enabled: + type: boolean + host: + type: string + port: + type: number + required: + - enabled monitoring_output_id: nullable: true type: string + monitoring_pprof_enabled: + type: boolean name: type: string namespace: @@ -12463,14 +12894,14 @@ components: properties: agents: oneOf: - - description: 'KQL query string, leave empty to action all agents' + - description: KQL query string, leave empty to action all agents type: string - description: list of agent IDs items: type: string type: array force: - description: 'Force upgrade, skipping validation (should be used with caution)' + description: Force upgrade, skipping validation (should be used with caution) type: boolean rollout_duration_seconds: description: rolling upgrade window duration in seconds @@ -12716,6 +13147,63 @@ components: type: string inputs: type: string + monitoring: + type: object + properties: + diagnostics: + type: object + properties: + limit: + type: object + properties: + burst: + type: number + interval: + type: string + uploader: + type: object + properties: + init_dur: + type: string + max_dur: + type: string + max_retries: + type: number + enabled: + type: boolean + http: + type: object + properties: + enabled: + type: boolean + host: + type: string + port: + type: number + required: + - enabled + logs: + type: boolean + metrics: + type: boolean + namespace: + type: string + pprof: + type: object + properties: + enabled: + type: boolean + required: + - enabled + traces: + type: boolean + use_output: + type: string + required: + - enabled + - metrics + - logs + - traces output_permissions: additionalProperties: type: object @@ -14025,14 +14513,14 @@ components: type: object properties: enabled: - description: 'enable or disable that input, (default to true)' + description: enable or disable that input, (default to true) type: boolean streams: additionalProperties: type: object properties: enabled: - description: 'enable or disable that stream, (default to true)' + description: enable or disable that stream, (default to true) type: boolean vars: description: >- @@ -14241,7 +14729,7 @@ components: type: object properties: force: - description: 'Force upgrade, skipping validation (should be used with caution)' + description: Force upgrade, skipping validation (should be used with caution) type: boolean skipRateLimitCheck: description: Skip rate limit check for upgrade @@ -14647,7 +15135,7 @@ components: additionalProperties: $ref: >- #/components/schemas/Machine_learning_APIs_mlSyncResponseTrainedModels - description: 'If saved objects are missing for trained models, they are created.' + description: If saved objects are missing for trained models, they are created. type: object title: Sync API response for created saved objects type: object @@ -14774,7 +15262,7 @@ components: example: Not Found type: string message: - example: 'SLO [3749f390-03a3-11ee-8139-c7ff60a1692d] not found' + example: SLO [3749f390-03a3-11ee-8139-c7ff60a1692d] not found type: string statusCode: example: 404 @@ -14791,7 +15279,7 @@ components: example: Conflict type: string message: - example: 'SLO [d077e940-1515-11ee-9c50-9d096392f520] already exists' + example: SLO [d077e940-1515-11ee-9c50-9d096392f520] already exists type: string statusCode: example: 409 @@ -14900,11 +15388,11 @@ components: type: object properties: consumed: - description: 'The error budget consummed, as a percentage of the initial value.' + description: The error budget consummed, as a percentage of the initial value. example: 0.8 type: number initial: - description: 'The initial error budget, as 1 - objective' + description: The initial error budget, as 1 - objective example: 0.02 type: number isEstimated: @@ -14914,7 +15402,7 @@ components: example: true type: boolean remaining: - description: 'The error budget remaining, as a percentage of the initial value.' + description: The error budget remaining, as a percentage of the initial value. example: 0.2 type: number required: @@ -14999,7 +15487,7 @@ components: type: string index: description: The index used by APM metrics - example: 'metrics-apm*,apm*' + example: metrics-apm*,apm* type: string service: description: The APM service name @@ -15046,7 +15534,7 @@ components: type: string index: description: The index used by APM metrics - example: 'metrics-apm*,apm*' + example: metrics-apm*,apm* type: string service: description: The APM service name @@ -15180,7 +15668,7 @@ components: name: description: The name of the metric. Only valid options are A-Z example: A - pattern: '^[A-Z]$' + pattern: ^[A-Z]$ type: string required: - name @@ -15234,7 +15722,7 @@ components: name: description: The name of the metric. Only valid options are A-Z example: A - pattern: '^[A-Z]$' + pattern: ^[A-Z]$ type: string required: - name @@ -15536,7 +16024,7 @@ components: properties: frequency: default: 1m - description: 'Configure how often the transform runs, default 1m' + description: Configure how often the transform runs, default 1m example: 5m type: string preventInitialBackfill: @@ -15681,7 +16169,7 @@ components: - $ref: '#/components/schemas/SLOs_indicator_properties_histogram' - $ref: '#/components/schemas/SLOs_indicator_properties_timeslice_metric' instanceId: - description: 'the value derived from the groupBy field, if present, otherwise ''*''' + description: the value derived from the groupBy field, if present, otherwise '*' example: host-abcde type: string name: @@ -15806,7 +16294,7 @@ components: name: description: The name of the metric. Only valid options are A-Z example: A - pattern: '^[A-Z]$' + pattern: ^[A-Z]$ type: string required: - name @@ -15829,7 +16317,7 @@ components: name: description: The name of the metric. Only valid options are A-Z example: A - pattern: '^[A-Z]$' + pattern: ^[A-Z]$ type: string required: - name @@ -15857,7 +16345,7 @@ components: name: description: The name of the metric. Only valid options are A-Z example: A - pattern: '^[A-Z]$' + pattern: ^[A-Z]$ type: string percentile: description: The percentile value. @@ -15967,6 +16455,6 @@ tags: permanently breaks future Kibana versions. name: saved objects x-displayName: Saved objects - - description: 'SLO APIs enable you to define, manage and track service-level objectives' + - description: SLO APIs enable you to define, manage and track service-level objectives name: slo - name: system diff --git a/oas_docs/output/kibana.staging.yaml b/oas_docs/output/kibana.staging.yaml new file mode 100644 index 0000000000000..c2b530c0af263 --- /dev/null +++ b/oas_docs/output/kibana.staging.yaml @@ -0,0 +1,42286 @@ +openapi: 3.0.3 +info: + contact: + name: Kibana Team + description: > + The Kibana REST APIs enable you to manage resources such as connectors, data + views, and saved objects. + + The API calls are stateless. + + Each request that you make happens in isolation from other calls and must + include all of the necessary information for Kibana to fulfill the + + request. + + API requests return JSON output, which is a format that is machine-readable + and works well for automation. + + + To interact with Kibana APIs, use the following operations: + + + - GET: Fetches the information. + + - PATCH: Applies partial modifications to the existing information. + + - POST: Adds new information. + + - PUT: Updates the existing information. + + - DELETE: Removes the information. + + + You can prepend any Kibana API endpoint with `kbn:` and run the request in + **Dev Tools → Console**. + + For example: + + + ``` + + GET kbn:/api/data_views + + ``` + + + For more information about the console, refer to [Run API + requests](https://www.elastic.co/guide/en/kibana/current/console-kibana.html). + + + NOTE: Access to internal Kibana API endpoints will be restricted in Kibana + version 9.0. Please move any integrations to publicly documented APIs. + + + ## Documentation source and versions + + + This documentation is derived from the `main` branch of the + [kibana](https://github.com/elastic/kibana) repository. + + It is provided under license [Attribution-NonCommercial-NoDerivatives 4.0 + International](https://creativecommons.org/licenses/by-nc-nd/4.0/). + title: Kibana APIs + version: 1.0.2 + x-doc-license: + name: Attribution-NonCommercial-NoDerivatives 4.0 International + url: https://creativecommons.org/licenses/by-nc-nd/4.0/ + x-feedbackLink: + label: Feedback + url: >- + https://github.com/elastic/docs-content/issues/new?assignees=&labels=feedback%2Ccommunity&projects=&template=api-feedback.yaml&title=%5BFeedback%5D%3A+ +servers: + - url: https://{kibana_url} + variables: + kibana_url: + default: localhost:5601 +paths: + /api/actions: + get: + deprecated: true + operationId: '%2Fapi%2Factions#0' + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + responses: {} + summary: Get all connectors + tags: + - connectors + /api/actions/action: + post: + deprecated: true + operationId: '%2Fapi%2Factions%2Faction#0' + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - description: A required header to protect against CSRF attacks + in: header + name: kbn-xsrf + required: true + schema: + example: 'true' + type: string + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + type: object + properties: + actionTypeId: + description: The connector type identifier. + type: string + config: + additionalProperties: {} + default: {} + type: object + name: + description: The display name for the connector. + type: string + secrets: + additionalProperties: {} + default: {} + type: object + required: + - name + - actionTypeId + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + type: object + properties: + config: + additionalProperties: {} + type: object + connector_type_id: + description: The connector type identifier. + type: string + id: + description: The identifier for the connector. + type: string + is_deprecated: + description: Indicates whether the connector is deprecated. + type: boolean + is_missing_secrets: + description: Indicates whether the connector is missing secrets. + type: boolean + is_preconfigured: + description: >- + Indicates whether the connector is preconfigured. If true, + the `config` and `is_missing_secrets` properties are + omitted from the response. + type: boolean + is_system_action: + description: >- + Indicates whether the connector is used for system + actions. + type: boolean + name: + description: ' The name of the rule.' + type: string + required: + - id + - name + - connector_type_id + - is_preconfigured + - is_deprecated + - is_system_action + description: Indicates a successful call. + summary: Create a connector + tags: + - connectors + /api/actions/action/{id}: + delete: + deprecated: true + description: 'WARNING: When you delete a connector, it cannot be recovered.' + operationId: '%2Fapi%2Factions%2Faction%2F%7Bid%7D#0' + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - description: A required header to protect against CSRF attacks + in: header + name: kbn-xsrf + required: true + schema: + example: 'true' + type: string + - description: An identifier for the connector. + in: path + name: id + required: true + schema: + type: string + responses: + '204': + description: Indicates a successful call. + summary: Delete a connector + tags: + - connectors + get: + deprecated: true + operationId: '%2Fapi%2Factions%2Faction%2F%7Bid%7D#1' + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - description: An identifier for the connector. + in: path + name: id + required: true + schema: + type: string + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + type: object + properties: + config: + additionalProperties: {} + type: object + connector_type_id: + description: The connector type identifier. + type: string + id: + description: The identifier for the connector. + type: string + is_deprecated: + description: Indicates whether the connector is deprecated. + type: boolean + is_missing_secrets: + description: Indicates whether the connector is missing secrets. + type: boolean + is_preconfigured: + description: >- + Indicates whether the connector is preconfigured. If true, + the `config` and `is_missing_secrets` properties are + omitted from the response. + type: boolean + is_system_action: + description: >- + Indicates whether the connector is used for system + actions. + type: boolean + name: + description: ' The name of the rule.' + type: string + required: + - id + - name + - connector_type_id + - is_preconfigured + - is_deprecated + - is_system_action + description: Indicates a successful call. + summary: Get connector information + tags: + - connectors + put: + deprecated: true + operationId: '%2Fapi%2Factions%2Faction%2F%7Bid%7D#2' + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - description: A required header to protect against CSRF attacks + in: header + name: kbn-xsrf + required: true + schema: + example: 'true' + type: string + - description: An identifier for the connector. + in: path + name: id + required: true + schema: + type: string + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + type: object + properties: + config: + additionalProperties: {} + default: {} + type: object + name: + type: string + secrets: + additionalProperties: {} + default: {} + type: object + required: + - name + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + type: object + properties: + config: + additionalProperties: {} + type: object + connector_type_id: + description: The connector type identifier. + type: string + id: + description: The identifier for the connector. + type: string + is_deprecated: + description: Indicates whether the connector is deprecated. + type: boolean + is_missing_secrets: + description: Indicates whether the connector is missing secrets. + type: boolean + is_preconfigured: + description: >- + Indicates whether the connector is preconfigured. If true, + the `config` and `is_missing_secrets` properties are + omitted from the response. + type: boolean + is_system_action: + description: >- + Indicates whether the connector is used for system + actions. + type: boolean + name: + description: ' The name of the rule.' + type: string + required: + - id + - name + - connector_type_id + - is_preconfigured + - is_deprecated + - is_system_action + description: Indicates a successful call. + summary: Update a connector + tags: + - connectors + /api/actions/action/{id}/_execute: + post: + deprecated: true + operationId: '%2Fapi%2Factions%2Faction%2F%7Bid%7D%2F_execute#0' + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - description: A required header to protect against CSRF attacks + in: header + name: kbn-xsrf + required: true + schema: + example: 'true' + type: string + - description: An identifier for the connector. + in: path + name: id + required: true + schema: + type: string + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + type: object + properties: + params: + additionalProperties: {} + type: object + required: + - params + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + type: object + properties: + config: + additionalProperties: {} + type: object + connector_type_id: + description: The connector type identifier. + type: string + id: + description: The identifier for the connector. + type: string + is_deprecated: + description: Indicates whether the connector is deprecated. + type: boolean + is_missing_secrets: + description: Indicates whether the connector is missing secrets. + type: boolean + is_preconfigured: + description: >- + Indicates whether the connector is preconfigured. If true, + the `config` and `is_missing_secrets` properties are + omitted from the response. + type: boolean + is_system_action: + description: >- + Indicates whether the connector is used for system + actions. + type: boolean + name: + description: ' The name of the rule.' + type: string + required: + - id + - name + - connector_type_id + - is_preconfigured + - is_deprecated + - is_system_action + description: Indicates a successful call. + summary: Run a connector + tags: + - connectors + /api/actions/connector_types: + get: + description: You do not need any Kibana feature privileges to run this API. + operationId: '%2Fapi%2Factions%2Fconnector_types#0' + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - description: >- + A filter to limit the retrieved connector types to those that + support a specific feature (such as alerting or cases). + in: query + name: feature_id + required: false + schema: + type: string + responses: {} + summary: Get connector types + tags: + - connectors + /api/actions/connector/{id}: + delete: + description: 'WARNING: When you delete a connector, it cannot be recovered.' + operationId: '%2Fapi%2Factions%2Fconnector%2F%7Bid%7D#0' + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - description: A required header to protect against CSRF attacks + in: header + name: kbn-xsrf + required: true + schema: + example: 'true' + type: string + - description: An identifier for the connector. + in: path + name: id + required: true + schema: + type: string + responses: + '204': + description: Indicates a successful call. + summary: Delete a connector + tags: + - connectors + get: + operationId: '%2Fapi%2Factions%2Fconnector%2F%7Bid%7D#1' + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - description: An identifier for the connector. + in: path + name: id + required: true + schema: + type: string + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + type: object + properties: + config: + additionalProperties: {} + type: object + connector_type_id: + description: The connector type identifier. + type: string + id: + description: The identifier for the connector. + type: string + is_deprecated: + description: Indicates whether the connector is deprecated. + type: boolean + is_missing_secrets: + description: Indicates whether the connector is missing secrets. + type: boolean + is_preconfigured: + description: >- + Indicates whether the connector is preconfigured. If true, + the `config` and `is_missing_secrets` properties are + omitted from the response. + type: boolean + is_system_action: + description: >- + Indicates whether the connector is used for system + actions. + type: boolean + name: + description: ' The name of the rule.' + type: string + required: + - id + - name + - connector_type_id + - is_preconfigured + - is_deprecated + - is_system_action + description: Indicates a successful call. + summary: Get connector information + tags: + - connectors + post: + operationId: '%2Fapi%2Factions%2Fconnector%2F%7Bid%3F%7D#0' + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - description: A required header to protect against CSRF attacks + in: header + name: kbn-xsrf + required: true + schema: + example: 'true' + type: string + - description: An identifier for the connector. + in: path + name: id + required: false + schema: + type: string + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + type: object + properties: + config: + additionalProperties: {} + default: {} + type: object + connector_type_id: + description: The type of connector. + type: string + name: + description: The display name for the connector. + type: string + secrets: + additionalProperties: {} + default: {} + type: object + required: + - name + - connector_type_id + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + type: object + properties: + config: + additionalProperties: {} + type: object + connector_type_id: + description: The connector type identifier. + type: string + id: + description: The identifier for the connector. + type: string + is_deprecated: + description: Indicates whether the connector is deprecated. + type: boolean + is_missing_secrets: + description: Indicates whether the connector is missing secrets. + type: boolean + is_preconfigured: + description: >- + Indicates whether the connector is preconfigured. If true, + the `config` and `is_missing_secrets` properties are + omitted from the response. + type: boolean + is_system_action: + description: >- + Indicates whether the connector is used for system + actions. + type: boolean + name: + description: ' The name of the rule.' + type: string + required: + - id + - name + - connector_type_id + - is_preconfigured + - is_deprecated + - is_system_action + description: Indicates a successful call. + summary: Create a connector + tags: + - connectors + put: + operationId: '%2Fapi%2Factions%2Fconnector%2F%7Bid%7D#2' + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - description: A required header to protect against CSRF attacks + in: header + name: kbn-xsrf + required: true + schema: + example: 'true' + type: string + - description: An identifier for the connector. + in: path + name: id + required: true + schema: + type: string + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + type: object + properties: + config: + additionalProperties: {} + default: {} + type: object + name: + description: The display name for the connector. + type: string + secrets: + additionalProperties: {} + default: {} + type: object + required: + - name + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + type: object + properties: + config: + additionalProperties: {} + type: object + connector_type_id: + description: The connector type identifier. + type: string + id: + description: The identifier for the connector. + type: string + is_deprecated: + description: Indicates whether the connector is deprecated. + type: boolean + is_missing_secrets: + description: Indicates whether the connector is missing secrets. + type: boolean + is_preconfigured: + description: >- + Indicates whether the connector is preconfigured. If true, + the `config` and `is_missing_secrets` properties are + omitted from the response. + type: boolean + is_system_action: + description: >- + Indicates whether the connector is used for system + actions. + type: boolean + name: + description: ' The name of the rule.' + type: string + required: + - id + - name + - connector_type_id + - is_preconfigured + - is_deprecated + - is_system_action + description: Indicates a successful call. + summary: Update a connector + tags: + - connectors + /api/actions/connector/{id}/_execute: + post: + description: >- + You can use this API to test an action that involves interaction with + Kibana services or integrations with third-party systems. + operationId: '%2Fapi%2Factions%2Fconnector%2F%7Bid%7D%2F_execute#0' + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - description: A required header to protect against CSRF attacks + in: header + name: kbn-xsrf + required: true + schema: + example: 'true' + type: string + - description: An identifier for the connector. + in: path + name: id + required: true + schema: + type: string + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + type: object + properties: + params: + additionalProperties: {} + type: object + required: + - params + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + type: object + properties: + config: + additionalProperties: {} + type: object + connector_type_id: + description: The connector type identifier. + type: string + id: + description: The identifier for the connector. + type: string + is_deprecated: + description: Indicates whether the connector is deprecated. + type: boolean + is_missing_secrets: + description: Indicates whether the connector is missing secrets. + type: boolean + is_preconfigured: + description: >- + Indicates whether the connector is preconfigured. If true, + the `config` and `is_missing_secrets` properties are + omitted from the response. + type: boolean + is_system_action: + description: >- + Indicates whether the connector is used for system + actions. + type: boolean + name: + description: ' The name of the rule.' + type: string + required: + - id + - name + - connector_type_id + - is_preconfigured + - is_deprecated + - is_system_action + description: Indicates a successful call. + summary: Run a connector + tags: + - connectors + /api/actions/connectors: + get: + operationId: '%2Fapi%2Factions%2Fconnectors#0' + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + responses: {} + summary: Get all connectors + tags: + - connectors + /api/actions/list_action_types: + get: + deprecated: true + operationId: '%2Fapi%2Factions%2Flist_action_types#0' + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + responses: {} + summary: Get connector types + tags: + - connectors + /api/alerting/_health: + get: + description: > + You must have `read` privileges for the **Management > Stack Rules** + feature or for at least one of the **Analytics > Discover**, **Analytics + > Machine Learning**, **Observability**, or **Security** features. + operationId: getAlertingHealth + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + examples: + getAlertingHealthResponse: + $ref: '#/components/examples/Alerting_get_health_response' + schema: + type: object + properties: + alerting_framework_health: + description: > + Three substates identify the health of the alerting + framework: `decryption_health`, `execution_health`, and + `read_health`. + type: object + properties: + decryption_health: + description: The timestamp and status of the rule decryption. + type: object + properties: + status: + enum: + - error + - ok + - warn + example: ok + type: string + timestamp: + example: '2023-01-13T01:28:00.280Z' + format: date-time + type: string + execution_health: + description: The timestamp and status of the rule run. + type: object + properties: + status: + enum: + - error + - ok + - warn + example: ok + type: string + timestamp: + example: '2023-01-13T01:28:00.280Z' + format: date-time + type: string + read_health: + description: The timestamp and status of the rule reading events. + type: object + properties: + status: + enum: + - error + - ok + - warn + example: ok + type: string + timestamp: + example: '2023-01-13T01:28:00.280Z' + format: date-time + type: string + has_permanent_encryption_key: + description: >- + If `false`, the encrypted saved object plugin does not + have a permanent encryption key. + example: true + type: boolean + is_sufficiently_secure: + description: If `false`, security is enabled but TLS is not. + example: true + type: boolean + description: Indicates a successful call. + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Alerting_401_response' + description: Authorization information is missing or invalid. + summary: Get the alerting framework health + tags: + - alerting + /api/alerting/rule_types: + get: + description: > + If you have `read` privileges for one or more Kibana features, the API + response contains information about the appropriate rule types. For + example, there are rule types associated with the **Management > Stack + Rules** feature, **Analytics > Discover** and **Machine Learning** + features, **Observability** features, and **Security** features. To get + rule types associated with the **Stack Monitoring** feature, use the + `monitoring_user` built-in role. + operationId: getRuleTypes + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + examples: + getRuleTypesResponse: + $ref: '#/components/examples/Alerting_get_rule_types_response' + schema: + items: + type: object + properties: + action_groups: + description: > + An explicit list of groups for which the rule type can + schedule actions, each with the action group's unique ID + and human readable name. Rule actions validation uses + this configuration to ensure that groups are valid. + items: + type: object + properties: + id: + type: string + name: + type: string + type: array + action_variables: + description: > + A list of action variables that the rule type makes + available via context and state in action parameter + templates, and a short human readable description. When + you create a rule in Kibana, it uses this information to + prompt you for these variables in action parameter + editors. + type: object + properties: + context: + items: + type: object + properties: + description: + type: string + name: + type: string + useWithTripleBracesInTemplates: + type: boolean + type: array + params: + items: + type: object + properties: + description: + type: string + name: + type: string + type: array + state: + items: + type: object + properties: + description: + type: string + name: + type: string + type: array + alerts: + description: > + Details for writing alerts as data documents for this + rule type. + type: object + properties: + context: + description: | + The namespace for this rule type. + enum: + - ml.anomaly-detection + - observability.apm + - observability.logs + - observability.metrics + - observability.slo + - observability.threshold + - observability.uptime + - security + - stack + type: string + dynamic: + description: Indicates whether new fields are added dynamically. + enum: + - 'false' + - runtime + - strict + - 'true' + type: string + isSpaceAware: + description: > + Indicates whether the alerts are space-aware. If + true, space-specific alert indices are used. + type: boolean + mappings: + type: object + properties: + fieldMap: + additionalProperties: + $ref: >- + #/components/schemas/Alerting_fieldmap_properties + description: > + Mapping information for each field supported in + alerts as data documents for this rule type. For + more information about mapping parameters, refer + to the Elasticsearch documentation. + type: object + secondaryAlias: + description: > + A secondary alias. It is typically used to support + the signals alias for detection rules. + type: string + shouldWrite: + description: > + Indicates whether the rule should write out alerts + as data. + type: boolean + useEcs: + description: > + Indicates whether to include the ECS component + template for the alerts. + type: boolean + useLegacyAlerts: + default: false + description: > + Indicates whether to include the legacy component + template for the alerts. + type: boolean + authorized_consumers: + description: >- + The list of the plugins IDs that have access to the rule + type. + type: object + properties: + alerts: + type: object + properties: + all: + type: boolean + read: + type: boolean + apm: + type: object + properties: + all: + type: boolean + read: + type: boolean + discover: + type: object + properties: + all: + type: boolean + read: + type: boolean + infrastructure: + type: object + properties: + all: + type: boolean + read: + type: boolean + logs: + type: object + properties: + all: + type: boolean + read: + type: boolean + ml: + type: object + properties: + all: + type: boolean + read: + type: boolean + monitoring: + type: object + properties: + all: + type: boolean + read: + type: boolean + siem: + type: object + properties: + all: + type: boolean + read: + type: boolean + slo: + type: object + properties: + all: + type: boolean + read: + type: boolean + stackAlerts: + type: object + properties: + all: + type: boolean + read: + type: boolean + uptime: + type: object + properties: + all: + type: boolean + read: + type: boolean + category: + description: >- + The rule category, which is used by features such as + category-specific maintenance windows. + enum: + - management + - observability + - securitySolution + type: string + default_action_group_id: + description: The default identifier for the rule type group. + type: string + does_set_recovery_context: + description: >- + Indicates whether the rule passes context variables to + its recovery action. + type: boolean + enabled_in_license: + description: >- + Indicates whether the rule type is enabled or disabled + based on the subscription. + type: boolean + has_alerts_mappings: + description: >- + Indicates whether the rule type has custom mappings for + the alert data. + type: boolean + has_fields_for_a_a_d: + type: boolean + id: + description: The unique identifier for the rule type. + type: string + is_exportable: + description: >- + Indicates whether the rule type is exportable in **Stack + Management > Saved Objects**. + type: boolean + minimum_license_required: + description: The subscriptions required to use the rule type. + example: basic + type: string + name: + description: The descriptive name of the rule type. + type: string + producer: + description: >- + An identifier for the application that produces this + rule type. + example: stackAlerts + type: string + recovery_action_group: + description: >- + An action group to use when an alert goes from an active + state to an inactive one. + type: object + properties: + id: + type: string + name: + type: string + rule_task_timeout: + example: 5m + type: string + type: array + description: Indicates a successful call. + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Alerting_401_response' + description: Authorization information is missing or invalid. + summary: Get the rule types + tags: + - alerting + /api/alerting/rule/{id}: + delete: + operationId: '%2Fapi%2Falerting%2Frule%2F%7Bid%7D#2' + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - description: A required header to protect against CSRF attacks + in: header + name: kbn-xsrf + required: true + schema: + example: 'true' + type: string + - description: The identifier for the rule. + in: path + name: id + required: true + schema: + type: string + responses: + '204': + description: Indicates a successful call. + '400': + description: Indicates an invalid schema or parameters. + '403': + description: Indicates that this call is forbidden. + '404': + description: Indicates a rule with the given ID does not exist. + summary: Delete a rule + tags: + - alerting + get: + operationId: '%2Fapi%2Falerting%2Frule%2F%7Bid%7D#0' + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - description: The identifier for the rule. + in: path + name: id + required: true + schema: + type: string + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + type: object + properties: + actions: + items: + additionalProperties: false + type: object + properties: + alerts_filter: + additionalProperties: false + description: >- + Defines a period that limits whether the action + runs. + type: object + properties: + query: + additionalProperties: false + type: object + properties: + dsl: + description: >- + A filter written in Elasticsearch Query + Domain Specific Language (DSL). + type: string + filters: + description: >- + A filter written in Elasticsearch Query + Domain Specific Language (DSL) as defined in + the `kbn-es-query` package. + items: + additionalProperties: false + type: object + properties: + $state: + additionalProperties: false + type: object + properties: + store: + description: >- + A filter can be either specific to an + application context or applied globally. + enum: + - appState + - globalState + type: string + required: + - store + meta: + additionalProperties: {} + type: object + query: + additionalProperties: {} + type: object + required: + - meta + type: array + kql: + description: >- + A filter written in Kibana Query Language + (KQL). + type: string + required: + - kql + - filters + timeframe: + additionalProperties: false + type: object + properties: + days: + description: >- + Defines the days of the week that the action + can run, represented as an array of numbers. + For example, `1` represents Monday. An empty + array is equivalent to specifying all the + days of the week. + items: + enum: + - 1 + - 2 + - 3 + - 4 + - 5 + - 6 + - 7 + type: integer + type: array + hours: + additionalProperties: false + type: object + properties: + end: + description: >- + The end of the time frame in 24-hour + notation (`hh:mm`). + type: string + start: + description: >- + The start of the time frame in 24-hour + notation (`hh:mm`). + type: string + required: + - start + - end + timezone: + description: >- + The ISO time zone for the `hours` values. + Values such as `UTC` and `UTC+1` also work + but lack built-in daylight savings time + support and are not recommended. + type: string + required: + - days + - hours + - timezone + connector_type_id: + description: >- + The type of connector. This property appears in + responses but cannot be set in requests. + type: string + frequency: + additionalProperties: false + type: object + properties: + notify_when: + description: >- + Indicates how often alerts generate actions. + Valid values include: `onActionGroupChange`: + Actions run when the alert status changes; + `onActiveAlert`: Actions run when the alert + becomes active and at each check interval while + the rule conditions are met; + `onThrottleInterval`: Actions run when the alert + becomes active and at the interval specified in + the throttle property while the rule conditions + are met. NOTE: You cannot specify `notify_when` + at both the rule and action level. The + recommended method is to set it for each action. + If you set it at the rule level then update the + rule in Kibana, it is automatically changed to + use action-specific values. + enum: + - onActionGroupChange + - onActiveAlert + - onThrottleInterval + type: string + summary: + description: Indicates whether the action is a summary. + type: boolean + throttle: + description: >- + The throttle interval, which defines how often + an alert generates repeated actions. It is + specified in seconds, minutes, hours, or days + and is applicable only if 'notify_when' is set + to 'onThrottleInterval'. NOTE: You cannot + specify the throttle interval at both the rule + and action level. The recommended method is to + set it for each action. If you set it at the + rule level then update the rule in Kibana, it is + automatically changed to use action-specific + values. + nullable: true + type: string + required: + - summary + - notify_when + - throttle + group: + description: >- + The group name, which affects when the action runs + (for example, when the threshold is met or when the + alert is recovered). Each rule type has a list of + valid action group names. If you don't need to group + actions, set to `default`. + type: string + id: + description: The identifier for the connector saved object. + type: string + params: + additionalProperties: {} + description: >- + The parameters for the action, which are sent to the + connector. The `params` are handled as Mustache + templates and passed a default set of context. + type: object + use_alert_data_for_template: + description: Indicates whether to use alert data as a template. + type: boolean + uuid: + description: >- + A universally unique identifier (UUID) for the + action. + type: string + required: + - id + - connector_type_id + - params + type: array + active_snoozes: + items: + description: List of active snoozes for the rule. + type: string + type: array + alert_delay: + additionalProperties: false + description: >- + Indicates that an alert occurs only when the specified + number of consecutive runs met the rule conditions. + type: object + properties: + active: + description: >- + The number of consecutive runs that must meet the rule + conditions. + type: number + required: + - active + api_key_created_by_user: + description: >- + Indicates whether the API key that is associated with the + rule was created by the user. + nullable: true + type: boolean + api_key_owner: + description: >- + The owner of the API key that is associated with the rule + and used to run background tasks. + nullable: true + type: string + consumer: + description: >- + The name of the application or feature that owns the rule. + For example: `alerts`, `apm`, `discover`, + `infrastructure`, `logs`, `metrics`, `ml`, `monitoring`, + `securitySolution`, `siem`, `stackAlerts`, or `uptime`. + type: string + created_at: + description: The date and time that the rule was created. + type: string + created_by: + description: The identifier for the user that created the rule. + nullable: true + type: string + enabled: + description: >- + Indicates whether you want to run the rule on an interval + basis after it is created. + type: boolean + execution_status: + additionalProperties: false + type: object + properties: + error: + additionalProperties: false + type: object + properties: + message: + description: Error message. + type: string + reason: + description: Reason for error. + enum: + - read + - decrypt + - execute + - unknown + - license + - timeout + - disabled + - validate + type: string + required: + - reason + - message + last_duration: + description: Duration of last execution of the rule. + type: number + last_execution_date: + description: The date and time when rule was executed last. + type: string + status: + description: Status of rule execution. + enum: + - ok + - active + - error + - warning + - pending + - unknown + type: string + warning: + additionalProperties: false + type: object + properties: + message: + description: Warning message. + type: string + reason: + description: Reason for warning. + enum: + - maxExecutableActions + - maxAlerts + - maxQueuedActions + - ruleExecution + type: string + required: + - reason + - message + required: + - status + - last_execution_date + id: + description: The identifier for the rule. + type: string + is_snoozed_until: + description: The date when the rule will no longer be snoozed. + nullable: true + type: string + last_run: + additionalProperties: false + nullable: true + type: object + properties: + alerts_count: + additionalProperties: false + type: object + properties: + active: + description: Number of active alerts during last run. + nullable: true + type: number + ignored: + description: Number of ignored alerts during last run. + nullable: true + type: number + new: + description: Number of new alerts during last run. + nullable: true + type: number + recovered: + description: Number of recovered alerts during last run. + nullable: true + type: number + outcome: + description: >- + Outcome of last run of the rule. Value could be + succeeded, warning or failed. + enum: + - succeeded + - warning + - failed + type: string + outcome_msg: + items: + description: Outcome message generated during last rule run. + type: string + nullable: true + type: array + outcome_order: + description: Order of the outcome. + type: number + warning: + description: Warning of last rule execution. + enum: + - read + - decrypt + - execute + - unknown + - license + - timeout + - disabled + - validate + - maxExecutableActions + - maxAlerts + - maxQueuedActions + - ruleExecution + nullable: true + type: string + required: + - outcome + - alerts_count + mapped_params: + additionalProperties: {} + type: object + monitoring: + additionalProperties: false + description: Monitoring details of the rule. + type: object + properties: + run: + additionalProperties: false + description: Rule run details. + type: object + properties: + calculated_metrics: + additionalProperties: false + description: >- + Calculation of different percentiles and success + ratio. + type: object + properties: + p50: + type: number + p95: + type: number + p99: + type: number + success_ratio: + type: number + required: + - success_ratio + history: + description: History of the rule run. + items: + additionalProperties: false + type: object + properties: + duration: + description: Duration of the rule run. + type: number + outcome: + additionalProperties: false + type: object + properties: + alerts_count: + additionalProperties: false + type: object + properties: + active: + description: Number of active alerts during last run. + nullable: true + type: number + ignored: + description: >- + Number of ignored alerts during last + run. + nullable: true + type: number + new: + description: Number of new alerts during last run. + nullable: true + type: number + recovered: + description: >- + Number of recovered alerts during last + run. + nullable: true + type: number + outcome: + description: >- + Outcome of last run of the rule. Value + could be succeeded, warning or failed. + enum: + - succeeded + - warning + - failed + type: string + outcome_msg: + items: + description: >- + Outcome message generated during last + rule run. + type: string + nullable: true + type: array + outcome_order: + description: Order of the outcome. + type: number + warning: + description: Warning of last rule execution. + enum: + - read + - decrypt + - execute + - unknown + - license + - timeout + - disabled + - validate + - maxExecutableActions + - maxAlerts + - maxQueuedActions + - ruleExecution + nullable: true + type: string + required: + - outcome + - alerts_count + success: + description: >- + Indicates whether the rule run was + successful. + type: boolean + timestamp: + description: Time of rule run. + type: number + required: + - success + - timestamp + type: array + last_run: + additionalProperties: false + type: object + properties: + metrics: + additionalProperties: false + type: object + properties: + duration: + description: Duration of most recent rule run. + type: number + gap_duration_s: + description: Duration in seconds of rule run gap. + nullable: true + type: number + total_alerts_created: + description: >- + Total number of alerts created during last + rule run. + nullable: true + type: number + total_alerts_detected: + description: >- + Total number of alerts detected during + last rule run. + nullable: true + type: number + total_indexing_duration_ms: + description: >- + Total time spent indexing documents during + last rule run in milliseconds. + nullable: true + type: number + total_search_duration_ms: + description: >- + Total time spent performing Elasticsearch + searches as measured by Kibana; includes + network latency and time spent serializing + or deserializing the request and response. + nullable: true + type: number + timestamp: + description: Time of the most recent rule run. + type: string + required: + - timestamp + - metrics + required: + - history + - calculated_metrics + - last_run + required: + - run + mute_all: + description: Indicates whether all alerts are muted. + type: boolean + muted_alert_ids: + items: + description: 'List of identifiers of muted alerts. ' + type: string + type: array + name: + description: ' The name of the rule.' + type: string + next_run: + description: Date and time of the next run of the rule. + nullable: true + type: string + notify_when: + description: >- + Indicates how often alerts generate actions. Valid values + include: `onActionGroupChange`: Actions run when the alert + status changes; `onActiveAlert`: Actions run when the + alert becomes active and at each check interval while the + rule conditions are met; `onThrottleInterval`: Actions run + when the alert becomes active and at the interval + specified in the throttle property while the rule + conditions are met. NOTE: You cannot specify `notify_when` + at both the rule and action level. The recommended method + is to set it for each action. If you set it at the rule + level then update the rule in Kibana, it is automatically + changed to use action-specific values. + enum: + - onActionGroupChange + - onActiveAlert + - onThrottleInterval + nullable: true + type: string + params: + additionalProperties: {} + description: The parameters for the rule. + type: object + revision: + description: The rule revision number. + type: number + rule_type_id: + description: The rule type identifier. + type: string + running: + description: Indicates whether the rule is running. + nullable: true + type: boolean + schedule: + additionalProperties: false + type: object + properties: + interval: + description: >- + The interval is specified in seconds, minutes, hours, + or days. + type: string + required: + - interval + scheduled_task_id: + description: Identifier of the scheduled task. + type: string + snooze_schedule: + items: + additionalProperties: false + type: object + properties: + duration: + description: Duration of the rule snooze schedule. + type: number + id: + description: Identifier of the rule snooze schedule. + type: string + rRule: + additionalProperties: false + type: object + properties: + byhour: + items: + description: Indicates hours of the day to recur. + type: number + type: array + byminute: + items: + description: Indicates minutes of the hour to recur. + type: number + type: array + bymonth: + items: + description: >- + Indicates months of the year that this rule + should recur. + type: number + type: array + bymonthday: + items: + description: Indicates the days of the month to recur. + type: number + type: array + bysecond: + items: + description: Indicates seconds of the day to recur. + type: number + type: array + bysetpos: + items: + description: >- + A positive or negative integer affecting the + nth day of the month. For example, -2 combined + with `byweekday` of FR is 2nd to last Friday + of the month. It is recommended to not set + this manually and just use `byweekday`. + type: number + type: array + byweekday: + items: + anyOf: + - type: string + - type: number + description: >- + Indicates the days of the week to recur or + else nth-day-of-month strings. For example, + "+2TU" second Tuesday of month, "-1FR" last + Friday of the month, which are internally + converted to a `byweekday/bysetpos` + combination. + type: array + byweekno: + items: + description: Indicates number of the week hours to recur. + type: number + type: array + byyearday: + items: + description: >- + Indicates the days of the year that this rule + should recur. + type: number + type: array + count: + description: >- + Number of times the rule should recur until it + stops. + type: number + dtstart: + description: >- + Rule start date in Coordinated Universal Time + (UTC). + type: string + freq: + description: >- + Indicates frequency of the rule. Options are + YEARLY, MONTHLY, WEEKLY, DAILY. + enum: + - 0 + - 1 + - 2 + - 3 + - 4 + - 5 + - 6 + type: integer + interval: + description: >- + Indicates the interval of frequency. For + example, 1 and YEARLY is every 1 year, 2 and + WEEKLY is every 2 weeks. + type: number + tzid: + description: Indicates timezone abbreviation. + type: string + until: + description: Recur the rule until this date. + type: string + wkst: + description: Indicates the start of week, defaults to Monday. + enum: + - MO + - TU + - WE + - TH + - FR + - SA + - SU + type: string + required: + - dtstart + - tzid + skipRecurrences: + items: + description: Skips recurrence of rule on this date. + type: string + type: array + required: + - duration + - rRule + type: array + tags: + items: + description: The tags for the rule. + type: string + type: array + throttle: + deprecated: true + description: >- + Deprecated in 8.13.0. Use the `throttle` property in the + action `frequency` object instead. The throttle interval, + which defines how often an alert generates repeated + actions. NOTE: You cannot specify the throttle interval at + both the rule and action level. If you set it at the rule + level then update the rule in Kibana, it is automatically + changed to use action-specific values. + nullable: true + type: string + updated_at: + description: The date and time that the rule was updated most recently. + type: string + updated_by: + description: >- + The identifier for the user that updated this rule most + recently. + nullable: true + type: string + view_in_app_relative_url: + description: Relative URL to view rule in the app. + nullable: true + type: string + required: + - id + - enabled + - name + - tags + - rule_type_id + - consumer + - schedule + - actions + - params + - created_by + - updated_by + - created_at + - updated_at + - api_key_owner + - mute_all + - muted_alert_ids + - execution_status + - revision + description: Indicates a successful call. + '400': + description: Indicates an invalid schema or parameters. + '403': + description: Indicates that this call is forbidden. + '404': + description: Indicates a rule with the given ID does not exist. + summary: Get rule details + tags: + - alerting + post: + operationId: '%2Fapi%2Falerting%2Frule%2F%7Bid%3F%7D#0' + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - description: A required header to protect against CSRF attacks + in: header + name: kbn-xsrf + required: true + schema: + example: 'true' + type: string + - description: >- + The identifier for the rule. If it is omitted, an ID is randomly + generated. + in: path + name: id + required: false + schema: + type: string + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + type: object + properties: + actions: + default: [] + items: + additionalProperties: false + description: An action that runs under defined conditions. + type: object + properties: + alerts_filter: + additionalProperties: false + description: >- + Conditions that affect whether the action runs. If you + specify multiple conditions, all conditions must be + met for the action to run. For example, if an alert + occurs within the specified time frame and matches the + query, the action runs. + type: object + properties: + query: + additionalProperties: false + type: object + properties: + dsl: + description: >- + A filter written in Elasticsearch Query Domain + Specific Language (DSL). + type: string + filters: + description: >- + A filter written in Elasticsearch Query Domain + Specific Language (DSL) as defined in the + `kbn-es-query` package. + items: + additionalProperties: false + type: object + properties: + $state: + additionalProperties: false + type: object + properties: + store: + description: >- + A filter can be either specific to an + application context or applied globally. + enum: + - appState + - globalState + type: string + required: + - store + meta: + additionalProperties: {} + type: object + query: + additionalProperties: {} + type: object + required: + - meta + type: array + kql: + description: >- + A filter written in Kibana Query Language + (KQL). + type: string + required: + - kql + - filters + timeframe: + additionalProperties: false + description: >- + Defines a period that limits whether the action + runs. + type: object + properties: + days: + description: >- + Defines the days of the week that the action + can run, represented as an array of numbers. + For example, `1` represents Monday. An empty + array is equivalent to specifying all the days + of the week. + items: + enum: + - 1 + - 2 + - 3 + - 4 + - 5 + - 6 + - 7 + type: integer + type: array + hours: + additionalProperties: false + description: >- + Defines the range of time in a day that the + action can run. If the `start` value is + `00:00` and the `end` value is `24:00`, + actions be generated all day. + type: object + properties: + end: + description: >- + The end of the time frame in 24-hour + notation (`hh:mm`). + type: string + start: + description: >- + The start of the time frame in 24-hour + notation (`hh:mm`). + type: string + required: + - start + - end + timezone: + description: >- + The ISO time zone for the `hours` values. + Values such as `UTC` and `UTC+1` also work but + lack built-in daylight savings time support + and are not recommended. + type: string + required: + - days + - hours + - timezone + frequency: + additionalProperties: false + type: object + properties: + notify_when: + description: >- + Indicates how often alerts generate actions. Valid + values include: `onActionGroupChange`: Actions run + when the alert status changes; `onActiveAlert`: + Actions run when the alert becomes active and at + each check interval while the rule conditions are + met; `onThrottleInterval`: Actions run when the + alert becomes active and at the interval specified + in the throttle property while the rule conditions + are met. NOTE: You cannot specify `notify_when` at + both the rule and action level. The recommended + method is to set it for each action. If you set it + at the rule level then update the rule in Kibana, + it is automatically changed to use action-specific + values. + enum: + - onActionGroupChange + - onActiveAlert + - onThrottleInterval + type: string + summary: + description: Indicates whether the action is a summary. + type: boolean + throttle: + description: >- + The throttle interval, which defines how often an + alert generates repeated actions. It is specified + in seconds, minutes, hours, or days and is + applicable only if `notify_when` is set to + `onThrottleInterval`. NOTE: You cannot specify the + throttle interval at both the rule and action + level. The recommended method is to set it for + each action. If you set it at the rule level then + update the rule in Kibana, it is automatically + changed to use action-specific values. + nullable: true + type: string + required: + - summary + - notify_when + - throttle + group: + description: >- + The group name, which affects when the action runs + (for example, when the threshold is met or when the + alert is recovered). Each rule type has a list of + valid action group names. If you don't need to group + actions, set to `default`. + type: string + id: + description: The identifier for the connector saved object. + type: string + params: + additionalProperties: {} + default: {} + description: >- + The parameters for the action, which are sent to the + connector. The `params` are handled as Mustache + templates and passed a default set of context. + type: object + use_alert_data_for_template: + description: Indicates whether to use alert data as a template. + type: boolean + uuid: + description: A universally unique identifier (UUID) for the action. + type: string + required: + - id + type: array + alert_delay: + additionalProperties: false + description: >- + Indicates that an alert occurs only when the specified + number of consecutive runs met the rule conditions. + type: object + properties: + active: + description: >- + The number of consecutive runs that must meet the rule + conditions. + type: number + required: + - active + consumer: + description: >- + The name of the application or feature that owns the rule. + For example: `alerts`, `apm`, `discover`, `infrastructure`, + `logs`, `metrics`, `ml`, `monitoring`, `securitySolution`, + `siem`, `stackAlerts`, or `uptime`. + type: string + enabled: + default: true + description: >- + Indicates whether you want to run the rule on an interval + basis after it is created. + type: boolean + name: + description: >- + The name of the rule. While this name does not have to be + unique, a distinctive name can help you identify a rule. + type: string + notify_when: + description: >- + Indicates how often alerts generate actions. Valid values + include: `onActionGroupChange`: Actions run when the alert + status changes; `onActiveAlert`: Actions run when the alert + becomes active and at each check interval while the rule + conditions are met; `onThrottleInterval`: Actions run when + the alert becomes active and at the interval specified in + the throttle property while the rule conditions are met. + NOTE: You cannot specify `notify_when` at both the rule and + action level. The recommended method is to set it for each + action. If you set it at the rule level then update the rule + in Kibana, it is automatically changed to use + action-specific values. + enum: + - onActionGroupChange + - onActiveAlert + - onThrottleInterval + nullable: true + type: string + params: + additionalProperties: {} + default: {} + description: The parameters for the rule. + type: object + rule_type_id: + description: The rule type identifier. + type: string + schedule: + additionalProperties: false + description: >- + The check interval, which specifies how frequently the rule + conditions are checked. + type: object + properties: + interval: + description: >- + The interval is specified in seconds, minutes, hours, or + days. + type: string + required: + - interval + tags: + default: [] + description: The tags for the rule. + items: + type: string + type: array + throttle: + description: >- + Use the `throttle` property in the action `frequency` object + instead. The throttle interval, which defines how often an + alert generates repeated actions. NOTE: You cannot specify + the throttle interval at both the rule and action level. If + you set it at the rule level then update the rule in Kibana, + it is automatically changed to use action-specific values. + nullable: true + type: string + required: + - name + - rule_type_id + - consumer + - schedule + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + type: object + properties: + actions: + items: + additionalProperties: false + type: object + properties: + alerts_filter: + additionalProperties: false + description: >- + Defines a period that limits whether the action + runs. + type: object + properties: + query: + additionalProperties: false + type: object + properties: + dsl: + description: >- + A filter written in Elasticsearch Query + Domain Specific Language (DSL). + type: string + filters: + description: >- + A filter written in Elasticsearch Query + Domain Specific Language (DSL) as defined in + the `kbn-es-query` package. + items: + additionalProperties: false + type: object + properties: + $state: + additionalProperties: false + type: object + properties: + store: + description: >- + A filter can be either specific to an + application context or applied globally. + enum: + - appState + - globalState + type: string + required: + - store + meta: + additionalProperties: {} + type: object + query: + additionalProperties: {} + type: object + required: + - meta + type: array + kql: + description: >- + A filter written in Kibana Query Language + (KQL). + type: string + required: + - kql + - filters + timeframe: + additionalProperties: false + type: object + properties: + days: + description: >- + Defines the days of the week that the action + can run, represented as an array of numbers. + For example, `1` represents Monday. An empty + array is equivalent to specifying all the + days of the week. + items: + enum: + - 1 + - 2 + - 3 + - 4 + - 5 + - 6 + - 7 + type: integer + type: array + hours: + additionalProperties: false + type: object + properties: + end: + description: >- + The end of the time frame in 24-hour + notation (`hh:mm`). + type: string + start: + description: >- + The start of the time frame in 24-hour + notation (`hh:mm`). + type: string + required: + - start + - end + timezone: + description: >- + The ISO time zone for the `hours` values. + Values such as `UTC` and `UTC+1` also work + but lack built-in daylight savings time + support and are not recommended. + type: string + required: + - days + - hours + - timezone + connector_type_id: + description: >- + The type of connector. This property appears in + responses but cannot be set in requests. + type: string + frequency: + additionalProperties: false + type: object + properties: + notify_when: + description: >- + Indicates how often alerts generate actions. + Valid values include: `onActionGroupChange`: + Actions run when the alert status changes; + `onActiveAlert`: Actions run when the alert + becomes active and at each check interval while + the rule conditions are met; + `onThrottleInterval`: Actions run when the alert + becomes active and at the interval specified in + the throttle property while the rule conditions + are met. NOTE: You cannot specify `notify_when` + at both the rule and action level. The + recommended method is to set it for each action. + If you set it at the rule level then update the + rule in Kibana, it is automatically changed to + use action-specific values. + enum: + - onActionGroupChange + - onActiveAlert + - onThrottleInterval + type: string + summary: + description: Indicates whether the action is a summary. + type: boolean + throttle: + description: >- + The throttle interval, which defines how often + an alert generates repeated actions. It is + specified in seconds, minutes, hours, or days + and is applicable only if 'notify_when' is set + to 'onThrottleInterval'. NOTE: You cannot + specify the throttle interval at both the rule + and action level. The recommended method is to + set it for each action. If you set it at the + rule level then update the rule in Kibana, it is + automatically changed to use action-specific + values. + nullable: true + type: string + required: + - summary + - notify_when + - throttle + group: + description: >- + The group name, which affects when the action runs + (for example, when the threshold is met or when the + alert is recovered). Each rule type has a list of + valid action group names. If you don't need to group + actions, set to `default`. + type: string + id: + description: The identifier for the connector saved object. + type: string + params: + additionalProperties: {} + description: >- + The parameters for the action, which are sent to the + connector. The `params` are handled as Mustache + templates and passed a default set of context. + type: object + use_alert_data_for_template: + description: Indicates whether to use alert data as a template. + type: boolean + uuid: + description: >- + A universally unique identifier (UUID) for the + action. + type: string + required: + - id + - connector_type_id + - params + type: array + active_snoozes: + items: + description: List of active snoozes for the rule. + type: string + type: array + alert_delay: + additionalProperties: false + description: >- + Indicates that an alert occurs only when the specified + number of consecutive runs met the rule conditions. + type: object + properties: + active: + description: >- + The number of consecutive runs that must meet the rule + conditions. + type: number + required: + - active + api_key_created_by_user: + description: >- + Indicates whether the API key that is associated with the + rule was created by the user. + nullable: true + type: boolean + api_key_owner: + description: >- + The owner of the API key that is associated with the rule + and used to run background tasks. + nullable: true + type: string + consumer: + description: >- + The name of the application or feature that owns the rule. + For example: `alerts`, `apm`, `discover`, + `infrastructure`, `logs`, `metrics`, `ml`, `monitoring`, + `securitySolution`, `siem`, `stackAlerts`, or `uptime`. + type: string + created_at: + description: The date and time that the rule was created. + type: string + created_by: + description: The identifier for the user that created the rule. + nullable: true + type: string + enabled: + description: >- + Indicates whether you want to run the rule on an interval + basis after it is created. + type: boolean + execution_status: + additionalProperties: false + type: object + properties: + error: + additionalProperties: false + type: object + properties: + message: + description: Error message. + type: string + reason: + description: Reason for error. + enum: + - read + - decrypt + - execute + - unknown + - license + - timeout + - disabled + - validate + type: string + required: + - reason + - message + last_duration: + description: Duration of last execution of the rule. + type: number + last_execution_date: + description: The date and time when rule was executed last. + type: string + status: + description: Status of rule execution. + enum: + - ok + - active + - error + - warning + - pending + - unknown + type: string + warning: + additionalProperties: false + type: object + properties: + message: + description: Warning message. + type: string + reason: + description: Reason for warning. + enum: + - maxExecutableActions + - maxAlerts + - maxQueuedActions + - ruleExecution + type: string + required: + - reason + - message + required: + - status + - last_execution_date + id: + description: The identifier for the rule. + type: string + is_snoozed_until: + description: The date when the rule will no longer be snoozed. + nullable: true + type: string + last_run: + additionalProperties: false + nullable: true + type: object + properties: + alerts_count: + additionalProperties: false + type: object + properties: + active: + description: Number of active alerts during last run. + nullable: true + type: number + ignored: + description: Number of ignored alerts during last run. + nullable: true + type: number + new: + description: Number of new alerts during last run. + nullable: true + type: number + recovered: + description: Number of recovered alerts during last run. + nullable: true + type: number + outcome: + description: >- + Outcome of last run of the rule. Value could be + succeeded, warning or failed. + enum: + - succeeded + - warning + - failed + type: string + outcome_msg: + items: + description: Outcome message generated during last rule run. + type: string + nullable: true + type: array + outcome_order: + description: Order of the outcome. + type: number + warning: + description: Warning of last rule execution. + enum: + - read + - decrypt + - execute + - unknown + - license + - timeout + - disabled + - validate + - maxExecutableActions + - maxAlerts + - maxQueuedActions + - ruleExecution + nullable: true + type: string + required: + - outcome + - alerts_count + mapped_params: + additionalProperties: {} + type: object + monitoring: + additionalProperties: false + description: Monitoring details of the rule. + type: object + properties: + run: + additionalProperties: false + description: Rule run details. + type: object + properties: + calculated_metrics: + additionalProperties: false + description: >- + Calculation of different percentiles and success + ratio. + type: object + properties: + p50: + type: number + p95: + type: number + p99: + type: number + success_ratio: + type: number + required: + - success_ratio + history: + description: History of the rule run. + items: + additionalProperties: false + type: object + properties: + duration: + description: Duration of the rule run. + type: number + outcome: + additionalProperties: false + type: object + properties: + alerts_count: + additionalProperties: false + type: object + properties: + active: + description: Number of active alerts during last run. + nullable: true + type: number + ignored: + description: >- + Number of ignored alerts during last + run. + nullable: true + type: number + new: + description: Number of new alerts during last run. + nullable: true + type: number + recovered: + description: >- + Number of recovered alerts during last + run. + nullable: true + type: number + outcome: + description: >- + Outcome of last run of the rule. Value + could be succeeded, warning or failed. + enum: + - succeeded + - warning + - failed + type: string + outcome_msg: + items: + description: >- + Outcome message generated during last + rule run. + type: string + nullable: true + type: array + outcome_order: + description: Order of the outcome. + type: number + warning: + description: Warning of last rule execution. + enum: + - read + - decrypt + - execute + - unknown + - license + - timeout + - disabled + - validate + - maxExecutableActions + - maxAlerts + - maxQueuedActions + - ruleExecution + nullable: true + type: string + required: + - outcome + - alerts_count + success: + description: >- + Indicates whether the rule run was + successful. + type: boolean + timestamp: + description: Time of rule run. + type: number + required: + - success + - timestamp + type: array + last_run: + additionalProperties: false + type: object + properties: + metrics: + additionalProperties: false + type: object + properties: + duration: + description: Duration of most recent rule run. + type: number + gap_duration_s: + description: Duration in seconds of rule run gap. + nullable: true + type: number + total_alerts_created: + description: >- + Total number of alerts created during last + rule run. + nullable: true + type: number + total_alerts_detected: + description: >- + Total number of alerts detected during + last rule run. + nullable: true + type: number + total_indexing_duration_ms: + description: >- + Total time spent indexing documents during + last rule run in milliseconds. + nullable: true + type: number + total_search_duration_ms: + description: >- + Total time spent performing Elasticsearch + searches as measured by Kibana; includes + network latency and time spent serializing + or deserializing the request and response. + nullable: true + type: number + timestamp: + description: Time of the most recent rule run. + type: string + required: + - timestamp + - metrics + required: + - history + - calculated_metrics + - last_run + required: + - run + mute_all: + description: Indicates whether all alerts are muted. + type: boolean + muted_alert_ids: + items: + description: 'List of identifiers of muted alerts. ' + type: string + type: array + name: + description: ' The name of the rule.' + type: string + next_run: + description: Date and time of the next run of the rule. + nullable: true + type: string + notify_when: + description: >- + Indicates how often alerts generate actions. Valid values + include: `onActionGroupChange`: Actions run when the alert + status changes; `onActiveAlert`: Actions run when the + alert becomes active and at each check interval while the + rule conditions are met; `onThrottleInterval`: Actions run + when the alert becomes active and at the interval + specified in the throttle property while the rule + conditions are met. NOTE: You cannot specify `notify_when` + at both the rule and action level. The recommended method + is to set it for each action. If you set it at the rule + level then update the rule in Kibana, it is automatically + changed to use action-specific values. + enum: + - onActionGroupChange + - onActiveAlert + - onThrottleInterval + nullable: true + type: string + params: + additionalProperties: {} + description: The parameters for the rule. + type: object + revision: + description: The rule revision number. + type: number + rule_type_id: + description: The rule type identifier. + type: string + running: + description: Indicates whether the rule is running. + nullable: true + type: boolean + schedule: + additionalProperties: false + type: object + properties: + interval: + description: >- + The interval is specified in seconds, minutes, hours, + or days. + type: string + required: + - interval + scheduled_task_id: + description: Identifier of the scheduled task. + type: string + snooze_schedule: + items: + additionalProperties: false + type: object + properties: + duration: + description: Duration of the rule snooze schedule. + type: number + id: + description: Identifier of the rule snooze schedule. + type: string + rRule: + additionalProperties: false + type: object + properties: + byhour: + items: + description: Indicates hours of the day to recur. + type: number + type: array + byminute: + items: + description: Indicates minutes of the hour to recur. + type: number + type: array + bymonth: + items: + description: >- + Indicates months of the year that this rule + should recur. + type: number + type: array + bymonthday: + items: + description: Indicates the days of the month to recur. + type: number + type: array + bysecond: + items: + description: Indicates seconds of the day to recur. + type: number + type: array + bysetpos: + items: + description: >- + A positive or negative integer affecting the + nth day of the month. For example, -2 combined + with `byweekday` of FR is 2nd to last Friday + of the month. It is recommended to not set + this manually and just use `byweekday`. + type: number + type: array + byweekday: + items: + anyOf: + - type: string + - type: number + description: >- + Indicates the days of the week to recur or + else nth-day-of-month strings. For example, + "+2TU" second Tuesday of month, "-1FR" last + Friday of the month, which are internally + converted to a `byweekday/bysetpos` + combination. + type: array + byweekno: + items: + description: Indicates number of the week hours to recur. + type: number + type: array + byyearday: + items: + description: >- + Indicates the days of the year that this rule + should recur. + type: number + type: array + count: + description: >- + Number of times the rule should recur until it + stops. + type: number + dtstart: + description: >- + Rule start date in Coordinated Universal Time + (UTC). + type: string + freq: + description: >- + Indicates frequency of the rule. Options are + YEARLY, MONTHLY, WEEKLY, DAILY. + enum: + - 0 + - 1 + - 2 + - 3 + - 4 + - 5 + - 6 + type: integer + interval: + description: >- + Indicates the interval of frequency. For + example, 1 and YEARLY is every 1 year, 2 and + WEEKLY is every 2 weeks. + type: number + tzid: + description: Indicates timezone abbreviation. + type: string + until: + description: Recur the rule until this date. + type: string + wkst: + description: Indicates the start of week, defaults to Monday. + enum: + - MO + - TU + - WE + - TH + - FR + - SA + - SU + type: string + required: + - dtstart + - tzid + skipRecurrences: + items: + description: Skips recurrence of rule on this date. + type: string + type: array + required: + - duration + - rRule + type: array + tags: + items: + description: The tags for the rule. + type: string + type: array + throttle: + deprecated: true + description: >- + Deprecated in 8.13.0. Use the `throttle` property in the + action `frequency` object instead. The throttle interval, + which defines how often an alert generates repeated + actions. NOTE: You cannot specify the throttle interval at + both the rule and action level. If you set it at the rule + level then update the rule in Kibana, it is automatically + changed to use action-specific values. + nullable: true + type: string + updated_at: + description: The date and time that the rule was updated most recently. + type: string + updated_by: + description: >- + The identifier for the user that updated this rule most + recently. + nullable: true + type: string + view_in_app_relative_url: + description: Relative URL to view rule in the app. + nullable: true + type: string + required: + - id + - enabled + - name + - tags + - rule_type_id + - consumer + - schedule + - actions + - params + - created_by + - updated_by + - created_at + - updated_at + - api_key_owner + - mute_all + - muted_alert_ids + - execution_status + - revision + description: Indicates a successful call. + '400': + description: Indicates an invalid schema or parameters. + '403': + description: Indicates that this call is forbidden. + '409': + description: Indicates that the rule id is already in use. + summary: Create a rule + tags: + - alerting + put: + operationId: '%2Fapi%2Falerting%2Frule%2F%7Bid%7D#1' + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - description: A required header to protect against CSRF attacks + in: header + name: kbn-xsrf + required: true + schema: + example: 'true' + type: string + - description: The identifier for the rule. + in: path + name: id + required: true + schema: + type: string + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + type: object + properties: + actions: + default: [] + items: + additionalProperties: false + description: An action that runs under defined conditions. + type: object + properties: + alerts_filter: + additionalProperties: false + type: object + properties: + query: + additionalProperties: false + type: object + properties: + dsl: + description: >- + A filter written in Elasticsearch Query Domain + Specific Language (DSL). + type: string + filters: + description: >- + A filter written in Elasticsearch Query Domain + Specific Language (DSL) as defined in the + `kbn-es-query` package. + items: + additionalProperties: false + type: object + properties: + $state: + additionalProperties: false + type: object + properties: + store: + description: >- + A filter can be either specific to an + application context or applied globally. + enum: + - appState + - globalState + type: string + required: + - store + meta: + additionalProperties: {} + type: object + query: + additionalProperties: {} + type: object + required: + - meta + type: array + kql: + description: >- + A filter written in Kibana Query Language + (KQL). + type: string + required: + - kql + - filters + timeframe: + additionalProperties: false + description: >- + Defines a period that limits whether the action + runs. + type: object + properties: + days: + description: >- + Defines the days of the week that the action + can run, represented as an array of numbers. + For example, `1` represents Monday. An empty + array is equivalent to specifying all the days + of the week. + items: + enum: + - 1 + - 2 + - 3 + - 4 + - 5 + - 6 + - 7 + type: integer + type: array + hours: + additionalProperties: false + description: >- + Defines the range of time in a day that the + action can run. If the `start` value is + `00:00` and the `end` value is `24:00`, + actions be generated all day. + type: object + properties: + end: + description: >- + The end of the time frame in 24-hour + notation (`hh:mm`). + type: string + start: + description: >- + The start of the time frame in 24-hour + notation (`hh:mm`). + type: string + required: + - start + - end + timezone: + description: >- + The ISO time zone for the `hours` values. + Values such as `UTC` and `UTC+1` also work but + lack built-in daylight savings time support + and are not recommended. + type: string + required: + - days + - hours + - timezone + frequency: + additionalProperties: false + type: object + properties: + notify_when: + description: >- + Indicates how often alerts generate actions. Valid + values include: `onActionGroupChange`: Actions run + when the alert status changes; `onActiveAlert`: + Actions run when the alert becomes active and at + each check interval while the rule conditions are + met; `onThrottleInterval`: Actions run when the + alert becomes active and at the interval specified + in the throttle property while the rule conditions + are met. NOTE: You cannot specify `notify_when` at + both the rule and action level. The recommended + method is to set it for each action. If you set it + at the rule level then update the rule in Kibana, + it is automatically changed to use action-specific + values. + enum: + - onActionGroupChange + - onActiveAlert + - onThrottleInterval + type: string + summary: + description: Indicates whether the action is a summary. + type: boolean + throttle: + description: >- + The throttle interval, which defines how often an + alert generates repeated actions. It is specified + in seconds, minutes, hours, or days and is + applicable only if `notify_when` is set to + `onThrottleInterval`. NOTE: You cannot specify the + throttle interval at both the rule and action + level. The recommended method is to set it for + each action. If you set it at the rule level then + update the rule in Kibana, it is automatically + changed to use action-specific values. + nullable: true + type: string + required: + - summary + - notify_when + - throttle + group: + description: >- + The group name, which affects when the action runs + (for example, when the threshold is met or when the + alert is recovered). Each rule type has a list of + valid action group names. If you don't need to group + actions, set to `default`. + type: string + id: + description: The identifier for the connector saved object. + type: string + params: + additionalProperties: {} + default: {} + description: >- + The parameters for the action, which are sent to the + connector. The `params` are handled as Mustache + templates and passed a default set of context. + type: object + use_alert_data_for_template: + description: Indicates whether to use alert data as a template. + type: boolean + uuid: + description: A universally unique identifier (UUID) for the action. + type: string + required: + - id + type: array + alert_delay: + additionalProperties: false + description: >- + Indicates that an alert occurs only when the specified + number of consecutive runs met the rule conditions. + type: object + properties: + active: + description: >- + The number of consecutive runs that must meet the rule + conditions. + type: number + required: + - active + name: + description: >- + The name of the rule. While this name does not have to be + unique, a distinctive name can help you identify a rule. + type: string + notify_when: + description: >- + Indicates how often alerts generate actions. Valid values + include: `onActionGroupChange`: Actions run when the alert + status changes; `onActiveAlert`: Actions run when the alert + becomes active and at each check interval while the rule + conditions are met; `onThrottleInterval`: Actions run when + the alert becomes active and at the interval specified in + the throttle property while the rule conditions are met. + NOTE: You cannot specify `notify_when` at both the rule and + action level. The recommended method is to set it for each + action. If you set it at the rule level then update the rule + in Kibana, it is automatically changed to use + action-specific values. + enum: + - onActionGroupChange + - onActiveAlert + - onThrottleInterval + nullable: true + type: string + params: + additionalProperties: {} + default: {} + description: The parameters for the rule. + type: object + schedule: + additionalProperties: false + type: object + properties: + interval: + description: >- + The interval is specified in seconds, minutes, hours, or + days. + type: string + required: + - interval + tags: + default: [] + items: + description: The tags for the rule. + type: string + type: array + throttle: + description: >- + Use the `throttle` property in the action `frequency` object + instead. The throttle interval, which defines how often an + alert generates repeated actions. NOTE: You cannot specify + the throttle interval at both the rule and action level. If + you set it at the rule level then update the rule in Kibana, + it is automatically changed to use action-specific values. + nullable: true + type: string + required: + - name + - schedule + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + type: object + properties: + actions: + items: + additionalProperties: false + type: object + properties: + alerts_filter: + additionalProperties: false + description: >- + Defines a period that limits whether the action + runs. + type: object + properties: + query: + additionalProperties: false + type: object + properties: + dsl: + description: >- + A filter written in Elasticsearch Query + Domain Specific Language (DSL). + type: string + filters: + description: >- + A filter written in Elasticsearch Query + Domain Specific Language (DSL) as defined in + the `kbn-es-query` package. + items: + additionalProperties: false + type: object + properties: + $state: + additionalProperties: false + type: object + properties: + store: + description: >- + A filter can be either specific to an + application context or applied globally. + enum: + - appState + - globalState + type: string + required: + - store + meta: + additionalProperties: {} + type: object + query: + additionalProperties: {} + type: object + required: + - meta + type: array + kql: + description: >- + A filter written in Kibana Query Language + (KQL). + type: string + required: + - kql + - filters + timeframe: + additionalProperties: false + type: object + properties: + days: + description: >- + Defines the days of the week that the action + can run, represented as an array of numbers. + For example, `1` represents Monday. An empty + array is equivalent to specifying all the + days of the week. + items: + enum: + - 1 + - 2 + - 3 + - 4 + - 5 + - 6 + - 7 + type: integer + type: array + hours: + additionalProperties: false + type: object + properties: + end: + description: >- + The end of the time frame in 24-hour + notation (`hh:mm`). + type: string + start: + description: >- + The start of the time frame in 24-hour + notation (`hh:mm`). + type: string + required: + - start + - end + timezone: + description: >- + The ISO time zone for the `hours` values. + Values such as `UTC` and `UTC+1` also work + but lack built-in daylight savings time + support and are not recommended. + type: string + required: + - days + - hours + - timezone + connector_type_id: + description: >- + The type of connector. This property appears in + responses but cannot be set in requests. + type: string + frequency: + additionalProperties: false + type: object + properties: + notify_when: + description: >- + Indicates how often alerts generate actions. + Valid values include: `onActionGroupChange`: + Actions run when the alert status changes; + `onActiveAlert`: Actions run when the alert + becomes active and at each check interval while + the rule conditions are met; + `onThrottleInterval`: Actions run when the alert + becomes active and at the interval specified in + the throttle property while the rule conditions + are met. NOTE: You cannot specify `notify_when` + at both the rule and action level. The + recommended method is to set it for each action. + If you set it at the rule level then update the + rule in Kibana, it is automatically changed to + use action-specific values. + enum: + - onActionGroupChange + - onActiveAlert + - onThrottleInterval + type: string + summary: + description: Indicates whether the action is a summary. + type: boolean + throttle: + description: >- + The throttle interval, which defines how often + an alert generates repeated actions. It is + specified in seconds, minutes, hours, or days + and is applicable only if 'notify_when' is set + to 'onThrottleInterval'. NOTE: You cannot + specify the throttle interval at both the rule + and action level. The recommended method is to + set it for each action. If you set it at the + rule level then update the rule in Kibana, it is + automatically changed to use action-specific + values. + nullable: true + type: string + required: + - summary + - notify_when + - throttle + group: + description: >- + The group name, which affects when the action runs + (for example, when the threshold is met or when the + alert is recovered). Each rule type has a list of + valid action group names. If you don't need to group + actions, set to `default`. + type: string + id: + description: The identifier for the connector saved object. + type: string + params: + additionalProperties: {} + description: >- + The parameters for the action, which are sent to the + connector. The `params` are handled as Mustache + templates and passed a default set of context. + type: object + use_alert_data_for_template: + description: Indicates whether to use alert data as a template. + type: boolean + uuid: + description: >- + A universally unique identifier (UUID) for the + action. + type: string + required: + - id + - connector_type_id + - params + type: array + active_snoozes: + items: + description: List of active snoozes for the rule. + type: string + type: array + alert_delay: + additionalProperties: false + description: >- + Indicates that an alert occurs only when the specified + number of consecutive runs met the rule conditions. + type: object + properties: + active: + description: >- + The number of consecutive runs that must meet the rule + conditions. + type: number + required: + - active + api_key_created_by_user: + description: >- + Indicates whether the API key that is associated with the + rule was created by the user. + nullable: true + type: boolean + api_key_owner: + description: >- + The owner of the API key that is associated with the rule + and used to run background tasks. + nullable: true + type: string + consumer: + description: >- + The name of the application or feature that owns the rule. + For example: `alerts`, `apm`, `discover`, + `infrastructure`, `logs`, `metrics`, `ml`, `monitoring`, + `securitySolution`, `siem`, `stackAlerts`, or `uptime`. + type: string + created_at: + description: The date and time that the rule was created. + type: string + created_by: + description: The identifier for the user that created the rule. + nullable: true + type: string + enabled: + description: >- + Indicates whether you want to run the rule on an interval + basis after it is created. + type: boolean + execution_status: + additionalProperties: false + type: object + properties: + error: + additionalProperties: false + type: object + properties: + message: + description: Error message. + type: string + reason: + description: Reason for error. + enum: + - read + - decrypt + - execute + - unknown + - license + - timeout + - disabled + - validate + type: string + required: + - reason + - message + last_duration: + description: Duration of last execution of the rule. + type: number + last_execution_date: + description: The date and time when rule was executed last. + type: string + status: + description: Status of rule execution. + enum: + - ok + - active + - error + - warning + - pending + - unknown + type: string + warning: + additionalProperties: false + type: object + properties: + message: + description: Warning message. + type: string + reason: + description: Reason for warning. + enum: + - maxExecutableActions + - maxAlerts + - maxQueuedActions + - ruleExecution + type: string + required: + - reason + - message + required: + - status + - last_execution_date + id: + description: The identifier for the rule. + type: string + is_snoozed_until: + description: The date when the rule will no longer be snoozed. + nullable: true + type: string + last_run: + additionalProperties: false + nullable: true + type: object + properties: + alerts_count: + additionalProperties: false + type: object + properties: + active: + description: Number of active alerts during last run. + nullable: true + type: number + ignored: + description: Number of ignored alerts during last run. + nullable: true + type: number + new: + description: Number of new alerts during last run. + nullable: true + type: number + recovered: + description: Number of recovered alerts during last run. + nullable: true + type: number + outcome: + description: >- + Outcome of last run of the rule. Value could be + succeeded, warning or failed. + enum: + - succeeded + - warning + - failed + type: string + outcome_msg: + items: + description: Outcome message generated during last rule run. + type: string + nullable: true + type: array + outcome_order: + description: Order of the outcome. + type: number + warning: + description: Warning of last rule execution. + enum: + - read + - decrypt + - execute + - unknown + - license + - timeout + - disabled + - validate + - maxExecutableActions + - maxAlerts + - maxQueuedActions + - ruleExecution + nullable: true + type: string + required: + - outcome + - alerts_count + mapped_params: + additionalProperties: {} + type: object + monitoring: + additionalProperties: false + description: Monitoring details of the rule. + type: object + properties: + run: + additionalProperties: false + description: Rule run details. + type: object + properties: + calculated_metrics: + additionalProperties: false + description: >- + Calculation of different percentiles and success + ratio. + type: object + properties: + p50: + type: number + p95: + type: number + p99: + type: number + success_ratio: + type: number + required: + - success_ratio + history: + description: History of the rule run. + items: + additionalProperties: false + type: object + properties: + duration: + description: Duration of the rule run. + type: number + outcome: + additionalProperties: false + type: object + properties: + alerts_count: + additionalProperties: false + type: object + properties: + active: + description: Number of active alerts during last run. + nullable: true + type: number + ignored: + description: >- + Number of ignored alerts during last + run. + nullable: true + type: number + new: + description: Number of new alerts during last run. + nullable: true + type: number + recovered: + description: >- + Number of recovered alerts during last + run. + nullable: true + type: number + outcome: + description: >- + Outcome of last run of the rule. Value + could be succeeded, warning or failed. + enum: + - succeeded + - warning + - failed + type: string + outcome_msg: + items: + description: >- + Outcome message generated during last + rule run. + type: string + nullable: true + type: array + outcome_order: + description: Order of the outcome. + type: number + warning: + description: Warning of last rule execution. + enum: + - read + - decrypt + - execute + - unknown + - license + - timeout + - disabled + - validate + - maxExecutableActions + - maxAlerts + - maxQueuedActions + - ruleExecution + nullable: true + type: string + required: + - outcome + - alerts_count + success: + description: >- + Indicates whether the rule run was + successful. + type: boolean + timestamp: + description: Time of rule run. + type: number + required: + - success + - timestamp + type: array + last_run: + additionalProperties: false + type: object + properties: + metrics: + additionalProperties: false + type: object + properties: + duration: + description: Duration of most recent rule run. + type: number + gap_duration_s: + description: Duration in seconds of rule run gap. + nullable: true + type: number + total_alerts_created: + description: >- + Total number of alerts created during last + rule run. + nullable: true + type: number + total_alerts_detected: + description: >- + Total number of alerts detected during + last rule run. + nullable: true + type: number + total_indexing_duration_ms: + description: >- + Total time spent indexing documents during + last rule run in milliseconds. + nullable: true + type: number + total_search_duration_ms: + description: >- + Total time spent performing Elasticsearch + searches as measured by Kibana; includes + network latency and time spent serializing + or deserializing the request and response. + nullable: true + type: number + timestamp: + description: Time of the most recent rule run. + type: string + required: + - timestamp + - metrics + required: + - history + - calculated_metrics + - last_run + required: + - run + mute_all: + description: Indicates whether all alerts are muted. + type: boolean + muted_alert_ids: + items: + description: 'List of identifiers of muted alerts. ' + type: string + type: array + name: + description: ' The name of the rule.' + type: string + next_run: + description: Date and time of the next run of the rule. + nullable: true + type: string + notify_when: + description: >- + Indicates how often alerts generate actions. Valid values + include: `onActionGroupChange`: Actions run when the alert + status changes; `onActiveAlert`: Actions run when the + alert becomes active and at each check interval while the + rule conditions are met; `onThrottleInterval`: Actions run + when the alert becomes active and at the interval + specified in the throttle property while the rule + conditions are met. NOTE: You cannot specify `notify_when` + at both the rule and action level. The recommended method + is to set it for each action. If you set it at the rule + level then update the rule in Kibana, it is automatically + changed to use action-specific values. + enum: + - onActionGroupChange + - onActiveAlert + - onThrottleInterval + nullable: true + type: string + params: + additionalProperties: {} + description: The parameters for the rule. + type: object + revision: + description: The rule revision number. + type: number + rule_type_id: + description: The rule type identifier. + type: string + running: + description: Indicates whether the rule is running. + nullable: true + type: boolean + schedule: + additionalProperties: false + type: object + properties: + interval: + description: >- + The interval is specified in seconds, minutes, hours, + or days. + type: string + required: + - interval + scheduled_task_id: + description: Identifier of the scheduled task. + type: string + snooze_schedule: + items: + additionalProperties: false + type: object + properties: + duration: + description: Duration of the rule snooze schedule. + type: number + id: + description: Identifier of the rule snooze schedule. + type: string + rRule: + additionalProperties: false + type: object + properties: + byhour: + items: + description: Indicates hours of the day to recur. + type: number + type: array + byminute: + items: + description: Indicates minutes of the hour to recur. + type: number + type: array + bymonth: + items: + description: >- + Indicates months of the year that this rule + should recur. + type: number + type: array + bymonthday: + items: + description: Indicates the days of the month to recur. + type: number + type: array + bysecond: + items: + description: Indicates seconds of the day to recur. + type: number + type: array + bysetpos: + items: + description: >- + A positive or negative integer affecting the + nth day of the month. For example, -2 combined + with `byweekday` of FR is 2nd to last Friday + of the month. It is recommended to not set + this manually and just use `byweekday`. + type: number + type: array + byweekday: + items: + anyOf: + - type: string + - type: number + description: >- + Indicates the days of the week to recur or + else nth-day-of-month strings. For example, + "+2TU" second Tuesday of month, "-1FR" last + Friday of the month, which are internally + converted to a `byweekday/bysetpos` + combination. + type: array + byweekno: + items: + description: Indicates number of the week hours to recur. + type: number + type: array + byyearday: + items: + description: >- + Indicates the days of the year that this rule + should recur. + type: number + type: array + count: + description: >- + Number of times the rule should recur until it + stops. + type: number + dtstart: + description: >- + Rule start date in Coordinated Universal Time + (UTC). + type: string + freq: + description: >- + Indicates frequency of the rule. Options are + YEARLY, MONTHLY, WEEKLY, DAILY. + enum: + - 0 + - 1 + - 2 + - 3 + - 4 + - 5 + - 6 + type: integer + interval: + description: >- + Indicates the interval of frequency. For + example, 1 and YEARLY is every 1 year, 2 and + WEEKLY is every 2 weeks. + type: number + tzid: + description: Indicates timezone abbreviation. + type: string + until: + description: Recur the rule until this date. + type: string + wkst: + description: Indicates the start of week, defaults to Monday. + enum: + - MO + - TU + - WE + - TH + - FR + - SA + - SU + type: string + required: + - dtstart + - tzid + skipRecurrences: + items: + description: Skips recurrence of rule on this date. + type: string + type: array + required: + - duration + - rRule + type: array + tags: + items: + description: The tags for the rule. + type: string + type: array + throttle: + deprecated: true + description: >- + Deprecated in 8.13.0. Use the `throttle` property in the + action `frequency` object instead. The throttle interval, + which defines how often an alert generates repeated + actions. NOTE: You cannot specify the throttle interval at + both the rule and action level. If you set it at the rule + level then update the rule in Kibana, it is automatically + changed to use action-specific values. + nullable: true + type: string + updated_at: + description: The date and time that the rule was updated most recently. + type: string + updated_by: + description: >- + The identifier for the user that updated this rule most + recently. + nullable: true + type: string + view_in_app_relative_url: + description: Relative URL to view rule in the app. + nullable: true + type: string + required: + - id + - enabled + - name + - tags + - rule_type_id + - consumer + - schedule + - actions + - params + - created_by + - updated_by + - created_at + - updated_at + - api_key_owner + - mute_all + - muted_alert_ids + - execution_status + - revision + description: Indicates a successful call. + '400': + description: Indicates an invalid schema or parameters. + '403': + description: Indicates that this call is forbidden. + '404': + description: Indicates a rule with the given ID does not exist. + '409': + description: Indicates that the rule has already been updated by another user. + summary: Update a rule + tags: + - alerting + /api/alerting/rule/{id}/_disable: + post: + operationId: '%2Fapi%2Falerting%2Frule%2F%7Bid%7D%2F_disable#0' + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - description: A required header to protect against CSRF attacks + in: header + name: kbn-xsrf + required: true + schema: + example: 'true' + type: string + - description: The identifier for the rule. + in: path + name: id + required: true + schema: + type: string + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + nullable: true + type: object + properties: + untrack: + description: Defines whether this rule's alerts should be untracked. + type: boolean + x-oas-optional: true + responses: + '204': + description: Indicates a successful call. + '400': + description: Indicates an invalid schema. + '403': + description: Indicates that this call is forbidden. + '404': + description: Indicates a rule with the given ID does not exist. + summary: Disable a rule + tags: + - alerting + /api/alerting/rule/{id}/_enable: + post: + operationId: '%2Fapi%2Falerting%2Frule%2F%7Bid%7D%2F_enable#0' + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - description: A required header to protect against CSRF attacks + in: header + name: kbn-xsrf + required: true + schema: + example: 'true' + type: string + - description: The identifier for the rule. + in: path + name: id + required: true + schema: + type: string + responses: + '204': + description: Indicates a successful call. + '400': + description: Indicates an invalid schema or parameters. + '403': + description: Indicates that this call is forbidden. + '404': + description: Indicates a rule with the given ID does not exist. + summary: Enable a rule + tags: + - alerting + /api/alerting/rule/{id}/_mute_all: + post: + operationId: '%2Fapi%2Falerting%2Frule%2F%7Bid%7D%2F_mute_all#0' + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - description: A required header to protect against CSRF attacks + in: header + name: kbn-xsrf + required: true + schema: + example: 'true' + type: string + - description: The identifier for the rule. + in: path + name: id + required: true + schema: + type: string + responses: + '204': + description: Indicates a successful call. + summary: Mute all alerts + tags: + - alerting + /api/alerting/rule/{id}/_unmute_all: + post: + operationId: '%2Fapi%2Falerting%2Frule%2F%7Bid%7D%2F_unmute_all#0' + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - description: A required header to protect against CSRF attacks + in: header + name: kbn-xsrf + required: true + schema: + example: 'true' + type: string + - description: The identifier for the rule. + in: path + name: id + required: true + schema: + type: string + responses: + '204': + description: Indicates a successful call. + summary: Unmute all alerts + tags: + - alerting + /api/alerting/rule/{id}/_update_api_key: + post: + operationId: '%2Fapi%2Falerting%2Frule%2F%7Bid%7D%2F_update_api_key#0' + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - description: A required header to protect against CSRF attacks + in: header + name: kbn-xsrf + required: true + schema: + example: 'true' + type: string + - description: The identifier for the rule. + in: path + name: id + required: true + schema: + type: string + responses: + '204': + description: Indicates a successful call. + '400': + description: Indicates an invalid schema or parameters. + '403': + description: Indicates that this call is forbidden. + '404': + description: Indicates a rule with the given ID does not exist. + '409': + description: Indicates that the rule has already been updated by another user. + summary: Update the API key for a rule + tags: + - alerting + /api/alerting/rule/{rule_id}/alert/{alert_id}/_mute: + post: + operationId: >- + %2Fapi%2Falerting%2Frule%2F%7Brule_id%7D%2Falert%2F%7Balert_id%7D%2F_mute#0 + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - description: A required header to protect against CSRF attacks + in: header + name: kbn-xsrf + required: true + schema: + example: 'true' + type: string + - description: The identifier for the rule. + in: path + name: rule_id + required: true + schema: + type: string + - description: The identifier for the alert. + in: path + name: alert_id + required: true + schema: + type: string + responses: + '204': + description: Indicates a successful call. + '400': + description: Indicates an invalid schema or parameters. + '403': + description: Indicates that this call is forbidden. + '404': + description: Indicates a rule or alert with the given ID does not exist. + summary: Mute an alert + tags: + - alerting + /api/alerting/rule/{rule_id}/alert/{alert_id}/_unmute: + post: + operationId: >- + %2Fapi%2Falerting%2Frule%2F%7Brule_id%7D%2Falert%2F%7Balert_id%7D%2F_unmute#0 + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - description: A required header to protect against CSRF attacks + in: header + name: kbn-xsrf + required: true + schema: + example: 'true' + type: string + - description: The identifier for the rule. + in: path + name: rule_id + required: true + schema: + type: string + - description: The identifier for the alert. + in: path + name: alert_id + required: true + schema: + type: string + responses: + '204': + description: Indicates a successful call. + '400': + description: Indicates an invalid schema or parameters. + '403': + description: Indicates that this call is forbidden. + '404': + description: Indicates a rule or alert with the given ID does not exist. + summary: Unmute an alert + tags: + - alerting + /api/alerting/rules/_find: + get: + operationId: '%2Fapi%2Falerting%2Frules%2F_find#0' + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - description: The number of rules to return per page. + in: query + name: per_page + required: false + schema: + default: 10 + minimum: 0 + type: number + - description: The page number to return. + in: query + name: page + required: false + schema: + default: 1 + minimum: 1 + type: number + - description: >- + An Elasticsearch simple_query_string query that filters the objects + in the response. + in: query + name: search + required: false + schema: + type: string + - description: The default operator to use for the simple_query_string. + in: query + name: default_search_operator + required: false + schema: + default: OR + enum: + - OR + - AND + type: string + - description: The fields to perform the simple_query_string parsed query against. + in: query + name: search_fields + required: false + schema: + anyOf: + - items: + type: string + type: array + - type: string + - description: >- + Determines which field is used to sort the results. The field must + exist in the `attributes` key of the response. + in: query + name: sort_field + required: false + schema: + type: string + - description: Determines the sort order. + in: query + name: sort_order + required: false + schema: + enum: + - asc + - desc + type: string + - description: >- + Filters the rules that have a relation with the reference objects + with a specific type and identifier. + in: query + name: has_reference + required: false + schema: + additionalProperties: false + nullable: true + type: object + properties: + id: + type: string + type: + type: string + required: + - type + - id + - in: query + name: fields + required: false + schema: + items: + description: The fields to return in the `attributes` key of the response. + type: string + type: array + - description: >- + A KQL string that you filter with an attribute from your saved + object. It should look like `savedObjectType.attributes.title: + "myTitle"`. However, if you used a direct attribute of a saved + object, such as `updatedAt`, you must define your filter, for + example, `savedObjectType.updatedAt > 2018-12-22`. + in: query + name: filter + required: false + schema: + type: string + - in: query + name: filter_consumers + required: false + schema: + items: + description: List of consumers to filter. + type: string + type: array + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + type: object + properties: + actions: + items: + additionalProperties: false + type: object + properties: + alerts_filter: + additionalProperties: false + description: >- + Defines a period that limits whether the action + runs. + type: object + properties: + query: + additionalProperties: false + type: object + properties: + dsl: + description: >- + A filter written in Elasticsearch Query + Domain Specific Language (DSL). + type: string + filters: + description: >- + A filter written in Elasticsearch Query + Domain Specific Language (DSL) as defined in + the `kbn-es-query` package. + items: + additionalProperties: false + type: object + properties: + $state: + additionalProperties: false + type: object + properties: + store: + description: >- + A filter can be either specific to an + application context or applied globally. + enum: + - appState + - globalState + type: string + required: + - store + meta: + additionalProperties: {} + type: object + query: + additionalProperties: {} + type: object + required: + - meta + type: array + kql: + description: >- + A filter written in Kibana Query Language + (KQL). + type: string + required: + - kql + - filters + timeframe: + additionalProperties: false + type: object + properties: + days: + description: >- + Defines the days of the week that the action + can run, represented as an array of numbers. + For example, `1` represents Monday. An empty + array is equivalent to specifying all the + days of the week. + items: + enum: + - 1 + - 2 + - 3 + - 4 + - 5 + - 6 + - 7 + type: integer + type: array + hours: + additionalProperties: false + type: object + properties: + end: + description: >- + The end of the time frame in 24-hour + notation (`hh:mm`). + type: string + start: + description: >- + The start of the time frame in 24-hour + notation (`hh:mm`). + type: string + required: + - start + - end + timezone: + description: >- + The ISO time zone for the `hours` values. + Values such as `UTC` and `UTC+1` also work + but lack built-in daylight savings time + support and are not recommended. + type: string + required: + - days + - hours + - timezone + connector_type_id: + description: >- + The type of connector. This property appears in + responses but cannot be set in requests. + type: string + frequency: + additionalProperties: false + type: object + properties: + notify_when: + description: >- + Indicates how often alerts generate actions. + Valid values include: `onActionGroupChange`: + Actions run when the alert status changes; + `onActiveAlert`: Actions run when the alert + becomes active and at each check interval while + the rule conditions are met; + `onThrottleInterval`: Actions run when the alert + becomes active and at the interval specified in + the throttle property while the rule conditions + are met. NOTE: You cannot specify `notify_when` + at both the rule and action level. The + recommended method is to set it for each action. + If you set it at the rule level then update the + rule in Kibana, it is automatically changed to + use action-specific values. + enum: + - onActionGroupChange + - onActiveAlert + - onThrottleInterval + type: string + summary: + description: Indicates whether the action is a summary. + type: boolean + throttle: + description: >- + The throttle interval, which defines how often + an alert generates repeated actions. It is + specified in seconds, minutes, hours, or days + and is applicable only if 'notify_when' is set + to 'onThrottleInterval'. NOTE: You cannot + specify the throttle interval at both the rule + and action level. The recommended method is to + set it for each action. If you set it at the + rule level then update the rule in Kibana, it is + automatically changed to use action-specific + values. + nullable: true + type: string + required: + - summary + - notify_when + - throttle + group: + description: >- + The group name, which affects when the action runs + (for example, when the threshold is met or when the + alert is recovered). Each rule type has a list of + valid action group names. If you don't need to group + actions, set to `default`. + type: string + id: + description: The identifier for the connector saved object. + type: string + params: + additionalProperties: {} + description: >- + The parameters for the action, which are sent to the + connector. The `params` are handled as Mustache + templates and passed a default set of context. + type: object + use_alert_data_for_template: + description: Indicates whether to use alert data as a template. + type: boolean + uuid: + description: >- + A universally unique identifier (UUID) for the + action. + type: string + required: + - id + - connector_type_id + - params + type: array + active_snoozes: + items: + description: List of active snoozes for the rule. + type: string + type: array + alert_delay: + additionalProperties: false + description: >- + Indicates that an alert occurs only when the specified + number of consecutive runs met the rule conditions. + type: object + properties: + active: + description: >- + The number of consecutive runs that must meet the rule + conditions. + type: number + required: + - active + api_key_created_by_user: + description: >- + Indicates whether the API key that is associated with the + rule was created by the user. + nullable: true + type: boolean + api_key_owner: + description: >- + The owner of the API key that is associated with the rule + and used to run background tasks. + nullable: true + type: string + consumer: + description: >- + The name of the application or feature that owns the rule. + For example: `alerts`, `apm`, `discover`, + `infrastructure`, `logs`, `metrics`, `ml`, `monitoring`, + `securitySolution`, `siem`, `stackAlerts`, or `uptime`. + type: string + created_at: + description: The date and time that the rule was created. + type: string + created_by: + description: The identifier for the user that created the rule. + nullable: true + type: string + enabled: + description: >- + Indicates whether you want to run the rule on an interval + basis after it is created. + type: boolean + execution_status: + additionalProperties: false + type: object + properties: + error: + additionalProperties: false + type: object + properties: + message: + description: Error message. + type: string + reason: + description: Reason for error. + enum: + - read + - decrypt + - execute + - unknown + - license + - timeout + - disabled + - validate + type: string + required: + - reason + - message + last_duration: + description: Duration of last execution of the rule. + type: number + last_execution_date: + description: The date and time when rule was executed last. + type: string + status: + description: Status of rule execution. + enum: + - ok + - active + - error + - warning + - pending + - unknown + type: string + warning: + additionalProperties: false + type: object + properties: + message: + description: Warning message. + type: string + reason: + description: Reason for warning. + enum: + - maxExecutableActions + - maxAlerts + - maxQueuedActions + - ruleExecution + type: string + required: + - reason + - message + required: + - status + - last_execution_date + id: + description: The identifier for the rule. + type: string + is_snoozed_until: + description: The date when the rule will no longer be snoozed. + nullable: true + type: string + last_run: + additionalProperties: false + nullable: true + type: object + properties: + alerts_count: + additionalProperties: false + type: object + properties: + active: + description: Number of active alerts during last run. + nullable: true + type: number + ignored: + description: Number of ignored alerts during last run. + nullable: true + type: number + new: + description: Number of new alerts during last run. + nullable: true + type: number + recovered: + description: Number of recovered alerts during last run. + nullable: true + type: number + outcome: + description: >- + Outcome of last run of the rule. Value could be + succeeded, warning or failed. + enum: + - succeeded + - warning + - failed + type: string + outcome_msg: + items: + description: Outcome message generated during last rule run. + type: string + nullable: true + type: array + outcome_order: + description: Order of the outcome. + type: number + warning: + description: Warning of last rule execution. + enum: + - read + - decrypt + - execute + - unknown + - license + - timeout + - disabled + - validate + - maxExecutableActions + - maxAlerts + - maxQueuedActions + - ruleExecution + nullable: true + type: string + required: + - outcome + - alerts_count + mapped_params: + additionalProperties: {} + type: object + monitoring: + additionalProperties: false + description: Monitoring details of the rule. + type: object + properties: + run: + additionalProperties: false + description: Rule run details. + type: object + properties: + calculated_metrics: + additionalProperties: false + description: >- + Calculation of different percentiles and success + ratio. + type: object + properties: + p50: + type: number + p95: + type: number + p99: + type: number + success_ratio: + type: number + required: + - success_ratio + history: + description: History of the rule run. + items: + additionalProperties: false + type: object + properties: + duration: + description: Duration of the rule run. + type: number + outcome: + additionalProperties: false + type: object + properties: + alerts_count: + additionalProperties: false + type: object + properties: + active: + description: Number of active alerts during last run. + nullable: true + type: number + ignored: + description: >- + Number of ignored alerts during last + run. + nullable: true + type: number + new: + description: Number of new alerts during last run. + nullable: true + type: number + recovered: + description: >- + Number of recovered alerts during last + run. + nullable: true + type: number + outcome: + description: >- + Outcome of last run of the rule. Value + could be succeeded, warning or failed. + enum: + - succeeded + - warning + - failed + type: string + outcome_msg: + items: + description: >- + Outcome message generated during last + rule run. + type: string + nullable: true + type: array + outcome_order: + description: Order of the outcome. + type: number + warning: + description: Warning of last rule execution. + enum: + - read + - decrypt + - execute + - unknown + - license + - timeout + - disabled + - validate + - maxExecutableActions + - maxAlerts + - maxQueuedActions + - ruleExecution + nullable: true + type: string + required: + - outcome + - alerts_count + success: + description: >- + Indicates whether the rule run was + successful. + type: boolean + timestamp: + description: Time of rule run. + type: number + required: + - success + - timestamp + type: array + last_run: + additionalProperties: false + type: object + properties: + metrics: + additionalProperties: false + type: object + properties: + duration: + description: Duration of most recent rule run. + type: number + gap_duration_s: + description: Duration in seconds of rule run gap. + nullable: true + type: number + total_alerts_created: + description: >- + Total number of alerts created during last + rule run. + nullable: true + type: number + total_alerts_detected: + description: >- + Total number of alerts detected during + last rule run. + nullable: true + type: number + total_indexing_duration_ms: + description: >- + Total time spent indexing documents during + last rule run in milliseconds. + nullable: true + type: number + total_search_duration_ms: + description: >- + Total time spent performing Elasticsearch + searches as measured by Kibana; includes + network latency and time spent serializing + or deserializing the request and response. + nullable: true + type: number + timestamp: + description: Time of the most recent rule run. + type: string + required: + - timestamp + - metrics + required: + - history + - calculated_metrics + - last_run + required: + - run + mute_all: + description: Indicates whether all alerts are muted. + type: boolean + muted_alert_ids: + items: + description: 'List of identifiers of muted alerts. ' + type: string + type: array + name: + description: ' The name of the rule.' + type: string + next_run: + description: Date and time of the next run of the rule. + nullable: true + type: string + notify_when: + description: >- + Indicates how often alerts generate actions. Valid values + include: `onActionGroupChange`: Actions run when the alert + status changes; `onActiveAlert`: Actions run when the + alert becomes active and at each check interval while the + rule conditions are met; `onThrottleInterval`: Actions run + when the alert becomes active and at the interval + specified in the throttle property while the rule + conditions are met. NOTE: You cannot specify `notify_when` + at both the rule and action level. The recommended method + is to set it for each action. If you set it at the rule + level then update the rule in Kibana, it is automatically + changed to use action-specific values. + enum: + - onActionGroupChange + - onActiveAlert + - onThrottleInterval + nullable: true + type: string + params: + additionalProperties: {} + description: The parameters for the rule. + type: object + revision: + description: The rule revision number. + type: number + rule_type_id: + description: The rule type identifier. + type: string + running: + description: Indicates whether the rule is running. + nullable: true + type: boolean + schedule: + additionalProperties: false + type: object + properties: + interval: + description: >- + The interval is specified in seconds, minutes, hours, + or days. + type: string + required: + - interval + scheduled_task_id: + description: Identifier of the scheduled task. + type: string + snooze_schedule: + items: + additionalProperties: false + type: object + properties: + duration: + description: Duration of the rule snooze schedule. + type: number + id: + description: Identifier of the rule snooze schedule. + type: string + rRule: + additionalProperties: false + type: object + properties: + byhour: + items: + description: Indicates hours of the day to recur. + type: number + type: array + byminute: + items: + description: Indicates minutes of the hour to recur. + type: number + type: array + bymonth: + items: + description: >- + Indicates months of the year that this rule + should recur. + type: number + type: array + bymonthday: + items: + description: Indicates the days of the month to recur. + type: number + type: array + bysecond: + items: + description: Indicates seconds of the day to recur. + type: number + type: array + bysetpos: + items: + description: >- + A positive or negative integer affecting the + nth day of the month. For example, -2 combined + with `byweekday` of FR is 2nd to last Friday + of the month. It is recommended to not set + this manually and just use `byweekday`. + type: number + type: array + byweekday: + items: + anyOf: + - type: string + - type: number + description: >- + Indicates the days of the week to recur or + else nth-day-of-month strings. For example, + "+2TU" second Tuesday of month, "-1FR" last + Friday of the month, which are internally + converted to a `byweekday/bysetpos` + combination. + type: array + byweekno: + items: + description: Indicates number of the week hours to recur. + type: number + type: array + byyearday: + items: + description: >- + Indicates the days of the year that this rule + should recur. + type: number + type: array + count: + description: >- + Number of times the rule should recur until it + stops. + type: number + dtstart: + description: >- + Rule start date in Coordinated Universal Time + (UTC). + type: string + freq: + description: >- + Indicates frequency of the rule. Options are + YEARLY, MONTHLY, WEEKLY, DAILY. + enum: + - 0 + - 1 + - 2 + - 3 + - 4 + - 5 + - 6 + type: integer + interval: + description: >- + Indicates the interval of frequency. For + example, 1 and YEARLY is every 1 year, 2 and + WEEKLY is every 2 weeks. + type: number + tzid: + description: Indicates timezone abbreviation. + type: string + until: + description: Recur the rule until this date. + type: string + wkst: + description: Indicates the start of week, defaults to Monday. + enum: + - MO + - TU + - WE + - TH + - FR + - SA + - SU + type: string + required: + - dtstart + - tzid + skipRecurrences: + items: + description: Skips recurrence of rule on this date. + type: string + type: array + required: + - duration + - rRule + type: array + tags: + items: + description: The tags for the rule. + type: string + type: array + throttle: + deprecated: true + description: >- + Deprecated in 8.13.0. Use the `throttle` property in the + action `frequency` object instead. The throttle interval, + which defines how often an alert generates repeated + actions. NOTE: You cannot specify the throttle interval at + both the rule and action level. If you set it at the rule + level then update the rule in Kibana, it is automatically + changed to use action-specific values. + nullable: true + type: string + updated_at: + description: The date and time that the rule was updated most recently. + type: string + updated_by: + description: >- + The identifier for the user that updated this rule most + recently. + nullable: true + type: string + view_in_app_relative_url: + description: Relative URL to view rule in the app. + nullable: true + type: string + required: + - id + - enabled + - name + - tags + - rule_type_id + - consumer + - schedule + - actions + - params + - created_by + - updated_by + - created_at + - updated_at + - api_key_owner + - mute_all + - muted_alert_ids + - execution_status + - revision + description: Indicates a successful call. + '400': + description: Indicates an invalid schema or parameters. + '403': + description: Indicates that this call is forbidden. + summary: Get information about rules + tags: + - alerting + /api/alerts/alert/{alertId}: + delete: + deprecated: true + description: > + Deprecated in 7.13.0. Use the delete rule API instead. WARNING: After + you delete an alert, you cannot recover it. + operationId: legaryDeleteAlert + parameters: + - $ref: '#/components/parameters/Alerting_kbn_xsrf' + - description: The identifier for the alert. + in: path + name: alertId + required: true + schema: + example: 41893910-6bca-11eb-9e0d-85d233e3ee35 + type: string + responses: + '204': + description: Indicates a successful call. + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Alerting_401_response' + description: Authorization information is missing or invalid. + summary: Delete an alert + tags: + - alerting + get: + deprecated: true + description: Deprecated in 7.13.0. Use the get rule API instead. + operationId: legacyGetAlert + parameters: + - description: The identifier for the alert. + in: path + name: alertId + required: true + schema: + example: 41893910-6bca-11eb-9e0d-85d233e3ee35 + type: string + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Alerting_alert_response_properties' + description: Indicates a successful call. + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Alerting_401_response' + description: Authorization information is missing or invalid. + summary: Get an alert by identifier + tags: + - alerting + post: + deprecated: true + description: Deprecated in 7.13.0. Use the create rule API instead. + operationId: legacyCreateAlert + parameters: + - $ref: '#/components/parameters/Alerting_kbn_xsrf' + - description: >- + An UUID v1 or v4 identifier for the alert. If this parameter is + omitted, the identifier is randomly generated. + in: path + name: alertId + required: true + schema: + example: 41893910-6bca-11eb-9e0d-85d233e3ee35 + type: string + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + title: Legacy create alert request properties + type: object + properties: + actions: + items: + type: object + properties: + actionTypeId: + description: The identifier for the action type. + type: string + group: + description: > + Grouping actions is recommended for escalations for + different types of alert instances. If you don't need + this functionality, set it to `default`. + type: string + id: + description: The ID of the action saved object. + type: string + params: + description: > + The map to the `params` that the action type will + receive. `params` are handled as Mustache templates + and passed a default set of context. + type: object + required: + - actionTypeId + - group + - id + - params + type: array + alertTypeId: + description: >- + The ID of the alert type that you want to call when the + alert is scheduled to run. + type: string + consumer: + description: >- + The name of the application that owns the alert. This name + has to match the Kibana feature name, as that dictates the + required role-based access control privileges. + type: string + enabled: + description: >- + Indicates if you want to run the alert on an interval basis + after it is created. + type: boolean + name: + description: A name to reference and search. + type: string + notifyWhen: + description: The condition for throttling the notification. + enum: + - onActionGroupChange + - onActiveAlert + - onThrottleInterval + type: string + params: + description: >- + The parameters to pass to the alert type executor `params` + value. This will also validate against the alert type params + validator, if defined. + type: object + schedule: + description: > + The schedule specifying when this alert should be run. A + schedule is structured such that the key specifies the + format you wish to use and its value specifies the schedule. + type: object + properties: + interval: + description: >- + The interval format specifies the interval in seconds, + minutes, hours or days at which the alert should run. + example: 10s + type: string + tags: + description: A list of keywords to reference and search. + items: + type: string + type: array + throttle: + description: > + How often this alert should fire the same actions. This will + prevent the alert from sending out the same notification + over and over. For example, if an alert with a schedule of 1 + minute stays in a triggered state for 90 minutes, setting a + throttle of `10m` or `1h` will prevent it from sending 90 + notifications during this period. + type: string + required: + - alertTypeId + - consumer + - name + - notifyWhen + - params + - schedule + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Alerting_alert_response_properties' + description: Indicates a successful call. + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Alerting_401_response' + description: Authorization information is missing or invalid. + summary: Create an alert + tags: + - alerting + put: + deprecated: true + description: Deprecated in 7.13.0. Use the update rule API instead. + operationId: legacyUpdateAlert + parameters: + - $ref: '#/components/parameters/Alerting_kbn_xsrf' + - description: The identifier for the alert. + in: path + name: alertId + required: true + schema: + example: 41893910-6bca-11eb-9e0d-85d233e3ee35 + type: string + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + title: Legacy update alert request properties + type: object + properties: + actions: + items: + type: object + properties: + actionTypeId: + description: The identifier for the action type. + type: string + group: + description: > + Grouping actions is recommended for escalations for + different types of alert instances. If you don't need + this functionality, set it to `default`. + type: string + id: + description: The ID of the action saved object. + type: string + params: + description: > + The map to the `params` that the action type will + receive. `params` are handled as Mustache templates + and passed a default set of context. + type: object + required: + - actionTypeId + - group + - id + - params + type: array + name: + description: A name to reference and search. + type: string + notifyWhen: + description: The condition for throttling the notification. + enum: + - onActionGroupChange + - onActiveAlert + - onThrottleInterval + type: string + params: + description: >- + The parameters to pass to the alert type executor `params` + value. This will also validate against the alert type params + validator, if defined. + type: object + schedule: + description: > + The schedule specifying when this alert should be run. A + schedule is structured such that the key specifies the + format you wish to use and its value specifies the schedule. + type: object + properties: + interval: + description: >- + The interval format specifies the interval in seconds, + minutes, hours or days at which the alert should run. + example: 1d + type: string + tags: + description: A list of keywords to reference and search. + items: + type: string + type: array + throttle: + description: > + How often this alert should fire the same actions. This will + prevent the alert from sending out the same notification + over and over. For example, if an alert with a schedule of 1 + minute stays in a triggered state for 90 minutes, setting a + throttle of `10m` or `1h` will prevent it from sending 90 + notifications during this period. + type: string + required: + - name + - notifyWhen + - params + - schedule + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Alerting_alert_response_properties' + description: Indicates a successful call. + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Alerting_401_response' + description: Authorization information is missing or invalid. + summary: Update an alert + tags: + - alerting + /api/alerts/alert/{alertId}/_disable: + post: + deprecated: true + description: Deprecated in 7.13.0. Use the disable rule API instead. + operationId: legacyDisableAlert + parameters: + - $ref: '#/components/parameters/Alerting_kbn_xsrf' + - description: The identifier for the alert. + in: path + name: alertId + required: true + schema: + example: 41893910-6bca-11eb-9e0d-85d233e3ee35 + type: string + responses: + '204': + description: Indicates a successful call. + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Alerting_401_response' + description: Authorization information is missing or invalid. + summary: Disable an alert + tags: + - alerting + /api/alerts/alert/{alertId}/_enable: + post: + deprecated: true + description: Deprecated in 7.13.0. Use the enable rule API instead. + operationId: legacyEnableAlert + parameters: + - $ref: '#/components/parameters/Alerting_kbn_xsrf' + - description: The identifier for the alert. + in: path + name: alertId + required: true + schema: + example: 41893910-6bca-11eb-9e0d-85d233e3ee35 + type: string + responses: + '204': + description: Indicates a successful call. + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Alerting_401_response' + description: Authorization information is missing or invalid. + summary: Enable an alert + tags: + - alerting + /api/alerts/alert/{alertId}/_mute_all: + post: + deprecated: true + description: Deprecated in 7.13.0. Use the mute all alerts API instead. + operationId: legacyMuteAllAlertInstances + parameters: + - $ref: '#/components/parameters/Alerting_kbn_xsrf' + - description: The identifier for the alert. + in: path + name: alertId + required: true + schema: + example: 41893910-6bca-11eb-9e0d-85d233e3ee35 + type: string + responses: + '204': + description: Indicates a successful call. + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Alerting_401_response' + description: Authorization information is missing or invalid. + summary: Mute all alert instances + tags: + - alerting + /api/alerts/alert/{alertId}/_unmute_all: + post: + deprecated: true + description: Deprecated in 7.13.0. Use the unmute all alerts API instead. + operationId: legacyUnmuteAllAlertInstances + parameters: + - $ref: '#/components/parameters/Alerting_kbn_xsrf' + - description: The identifier for the alert. + in: path + name: alertId + required: true + schema: + example: 41893910-6bca-11eb-9e0d-85d233e3ee35 + type: string + responses: + '204': + description: Indicates a successful call. + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Alerting_401_response' + description: Authorization information is missing or invalid. + summary: Unmute all alert instances + tags: + - alerting + /api/alerts/alert/{alertId}/alert_instance/{alertInstanceId}/_mute: + post: + deprecated: true + description: Deprecated in 7.13.0. Use the mute alert API instead. + operationId: legacyMuteAlertInstance + parameters: + - $ref: '#/components/parameters/Alerting_kbn_xsrf' + - description: An identifier for the alert. + in: path + name: alertId + required: true + schema: + example: 41893910-6bca-11eb-9e0d-85d233e3ee35 + type: string + - description: An identifier for the alert instance. + in: path + name: alertInstanceId + required: true + schema: + example: dceeb5d0-6b41-11eb-802b-85b0c1bc8ba2 + type: string + responses: + '204': + description: Indicates a successful call. + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Alerting_401_response' + description: Authorization information is missing or invalid. + summary: Mute an alert instance + tags: + - alerting + /api/alerts/alert/{alertId}/alert_instance/{alertInstanceId}/_unmute: + post: + deprecated: true + description: Deprecated in 7.13.0. Use the unmute alert API instead. + operationId: legacyUnmuteAlertInstance + parameters: + - $ref: '#/components/parameters/Alerting_kbn_xsrf' + - description: An identifier for the alert. + in: path + name: alertId + required: true + schema: + example: 41893910-6bca-11eb-9e0d-85d233e3ee35 + type: string + - description: An identifier for the alert instance. + in: path + name: alertInstanceId + required: true + schema: + example: dceeb5d0-6b41-11eb-802b-85b0c1bc8ba2 + type: string + responses: + '204': + description: Indicates a successful call. + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Alerting_401_response' + description: Authorization information is missing or invalid. + summary: Unmute an alert instance + tags: + - alerting + /api/alerts/alerts/_find: + get: + deprecated: true + description: > + Deprecated in 7.13.0. Use the find rules API instead. NOTE: Alert + `params` are stored as a flattened field type and analyzed as keywords. + As alerts change in Kibana, the results on each page of the response + also change. Use the find API for traditional paginated results, but + avoid using it to export large amounts of data. + operationId: legacyFindAlerts + parameters: + - description: The default operator to use for the `simple_query_string`. + example: OR + in: query + name: default_search_operator + schema: + default: OR + type: string + - description: The fields to return in the `attributes` key of the response. + in: query + name: fields + schema: + items: + type: string + type: array + - description: > + A KQL string that you filter with an attribute from your saved + object. It should look like `savedObjectType.attributes.title: + "myTitle"`. However, if you used a direct attribute of a saved + object, such as `updatedAt`, you must define your filter, for + example, `savedObjectType.updatedAt > 2018-12-22`. + in: query + name: filter + schema: + type: string + - description: >- + Filters the rules that have a relation with the reference objects + with a specific type and identifier. + in: query + name: has_reference + schema: + type: object + properties: + id: + type: string + type: + type: string + - description: The page number to return. + example: 1 + in: query + name: page + schema: + default: 1 + type: integer + - description: The number of alerts to return per page. + example: 20 + in: query + name: per_page + schema: + default: 20 + type: integer + - description: >- + An Elasticsearch `simple_query_string` query that filters the alerts + in the response. + in: query + name: search + schema: + type: string + - description: >- + The fields to perform the `simple_query_string` parsed query + against. + in: query + name: search_fields + schema: + oneOf: + - type: string + - items: + type: string + type: array + - description: > + Determines which field is used to sort the results. The field must + exist in the `attributes` key of the response. + in: query + name: sort_field + schema: + type: string + - description: Determines the sort order. + example: asc + in: query + name: sort_order + schema: + default: desc + enum: + - asc + - desc + type: string + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + data: + items: + $ref: '#/components/schemas/Alerting_alert_response_properties' + type: array + page: + type: integer + perPage: + type: integer + total: + type: integer + description: Indicates a successful call. + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Alerting_401_response' + description: Authorization information is missing or invalid. + summary: Get a paginated set of alerts + tags: + - alerting + /api/alerts/alerts/_health: + get: + deprecated: true + description: Deprecated in 7.13.0. Use the get alerting framework health API instead. + operationId: legacyGetAlertingHealth + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + alertingFrameworkHealth: + description: > + Three substates identify the health of the alerting + framework: `decryptionHealth`, `executionHealth`, and + `readHealth`. + type: object + properties: + decryptionHealth: + description: The timestamp and status of the alert decryption. + type: object + properties: + status: + enum: + - error + - ok + - warn + example: ok + type: string + timestamp: + example: '2023-01-13T01:28:00.280Z' + format: date-time + type: string + executionHealth: + description: The timestamp and status of the alert execution. + type: object + properties: + status: + enum: + - error + - ok + - warn + example: ok + type: string + timestamp: + example: '2023-01-13T01:28:00.280Z' + format: date-time + type: string + readHealth: + description: The timestamp and status of the alert reading events. + type: object + properties: + status: + enum: + - error + - ok + - warn + example: ok + type: string + timestamp: + example: '2023-01-13T01:28:00.280Z' + format: date-time + type: string + hasPermanentEncryptionKey: + description: >- + If `false`, the encrypted saved object plugin does not + have a permanent encryption key. + example: true + type: boolean + isSufficientlySecure: + description: If `false`, security is enabled but TLS is not. + example: true + type: boolean + description: Indicates a successful call. + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Alerting_401_response' + description: Authorization information is missing or invalid. + summary: Get the alerting framework health + tags: + - alerting + /api/alerts/alerts/list_alert_types: + get: + deprecated: true + description: Deprecated in 7.13.0. Use the get rule types API instead. + operationId: legacyGetAlertTypes + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + items: + type: object + properties: + actionGroups: + description: > + An explicit list of groups for which the alert type can + schedule actions, each with the action group's unique ID + and human readable name. Alert actions validation uses + this configuration to ensure that groups are valid. + items: + type: object + properties: + id: + type: string + name: + type: string + type: array + actionVariables: + description: > + A list of action variables that the alert type makes + available via context and state in action parameter + templates, and a short human readable description. The + Alert UI will use this information to prompt users for + these variables in action parameter editors. + type: object + properties: + context: + items: + type: object + properties: + description: + type: string + name: + type: string + type: array + params: + items: + type: object + properties: + description: + type: string + name: + type: string + type: array + state: + items: + type: object + properties: + description: + type: string + name: + type: string + type: array + authorizedConsumers: + description: >- + The list of the plugins IDs that have access to the + alert type. + type: object + defaultActionGroupId: + description: The default identifier for the alert type group. + type: string + enabledInLicense: + description: >- + Indicates whether the rule type is enabled based on the + subscription. + type: boolean + id: + description: The unique identifier for the alert type. + type: string + isExportable: + description: >- + Indicates whether the alert type is exportable in Saved + Objects Management UI. + type: boolean + minimumLicenseRequired: + description: The subscriptions required to use the alert type. + type: string + name: + description: The descriptive name of the alert type. + type: string + producer: + description: >- + An identifier for the application that produces this + alert type. + type: string + recoveryActionGroup: + description: > + An action group to use when an alert instance goes from + an active state to an inactive one. If it is not + specified, the default recovered action group is used. + type: object + properties: + id: + type: string + name: + type: string + type: array + description: Indicates a successful call. + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Alerting_401_response' + description: Authorization information is missing or invalid. + summary: Get the alert types + tags: + - alerting + /api/apm/agent_keys: + post: + description: Create a new agent key for APM. + operationId: createAgentKey + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + name: + type: string + privileges: + items: + enum: + - event:write + - config_agent:read + type: string + type: array + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + api_key: + type: string + encoded: + type: string + expiration: + format: int64 + type: integer + id: + type: string + name: + type: string + description: Agent key created successfully + summary: Create an APM agent key + tags: + - APM agent keys + /api/apm/services/{serviceName}/annotation: + post: + description: Create a new annotation for a specific service. + operationId: createAnnotation + parameters: + - description: The name of the service + in: path + name: serviceName + required: true + schema: + type: string + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + '@timestamp': + type: string + message: + type: string + service: + type: object + properties: + environment: + type: string + version: + type: string + tags: + items: + type: string + type: array + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + _id: + type: string + _index: + type: string + _source: + type: object + properties: + '@timestamp': + type: string + annotation: + type: string + event: + type: object + properties: + created: + type: string + message: + type: string + service: + type: object + properties: + environment: + type: string + name: + type: string + version: + type: string + tags: + items: + type: string + type: array + description: Annotation created successfully + summary: Create a service annotation + tags: + - APM annotations + /api/apm/services/{serviceName}/annotation/search: + get: + description: Search for annotations related to a specific service. + operationId: getAnnotation + parameters: + - description: The name of the service + in: path + name: serviceName + required: true + schema: + type: string + - description: The environment to filter annotations by + in: query + name: environment + required: false + schema: + type: string + - description: The start date for the search + in: query + name: start + required: false + schema: + type: string + - description: The end date for the search + in: query + name: end + required: false + schema: + type: string + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + annotations: + items: + type: object + properties: + '@timestamp': + type: number + id: + type: string + text: + type: string + type: + enum: + - version + type: string + type: array + description: Successful response + summary: Search for annotations + tags: + - APM annotations + /api/asset_criticality: + delete: + description: Delete the asset criticality record for a specific entity. + operationId: DeleteAssetCriticalityRecord + parameters: + - description: The ID value of the asset. + in: query + name: id_value + required: true + schema: + type: string + - description: The field representing the ID. + example: host.name + in: query + name: id_field + required: true + schema: + $ref: >- + #/components/schemas/Security_Solution_Entity_Analytics_API_IdField + - description: If 'wait_for' the request will wait for the index refresh. + in: query + name: refresh + required: false + schema: + enum: + - wait_for + type: string + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + deleted: + description: >- + True if the record was deleted or false if the record did + not exist. + type: boolean + record: + $ref: >- + #/components/schemas/Security_Solution_Entity_Analytics_API_AssetCriticalityRecord + description: The deleted record if it existed. + required: + - deleted + description: Successful response + '400': + description: Invalid request + summary: Delete an asset criticality record + tags: + - Security Solution Entity Analytics API + get: + description: Get the asset criticality record for a specific entity. + operationId: GetAssetCriticalityRecord + parameters: + - description: The ID value of the asset. + in: query + name: id_value + required: true + schema: + type: string + - description: The field representing the ID. + example: host.name + in: query + name: id_field + required: true + schema: + $ref: >- + #/components/schemas/Security_Solution_Entity_Analytics_API_IdField + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Entity_Analytics_API_AssetCriticalityRecord + description: Successful response + '400': + description: Invalid request + '404': + description: Criticality record not found + summary: Get an asset criticality record + tags: + - Security Solution Entity Analytics API + post: + description: > + Create or update an asset criticality record for a specific entity. + + + If a record already exists for the specified entity, that record is + overwritten with the specified value. If a record doesn't exist for the + specified entity, a new record is created. + operationId: CreateAssetCriticalityRecord + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + allOf: + - $ref: >- + #/components/schemas/Security_Solution_Entity_Analytics_API_CreateAssetCriticalityRecord + - type: object + properties: + refresh: + description: >- + If 'wait_for' the request will wait for the index + refresh. + enum: + - wait_for + type: string + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Entity_Analytics_API_AssetCriticalityRecord + description: Successful response + '400': + description: Invalid request + summary: Upsert an asset criticality record + tags: + - Security Solution Entity Analytics API + /api/asset_criticality/bulk: + post: + description: > + Bulk upsert up to 1000 asset criticality records. + + + If asset criticality records already exist for the specified entities, + those records are overwritten with the specified values. If asset + criticality records don't exist for the specified entities, new records + are created. + operationId: BulkUpsertAssetCriticalityRecords + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + example: + records: + - criticality_level: low_impact + id_field: host.name + id_value: host-1 + - criticality_level: medium_impact + id_field: host.name + id_value: host-2 + type: object + properties: + records: + items: + $ref: >- + #/components/schemas/Security_Solution_Entity_Analytics_API_CreateAssetCriticalityRecord + maxItems: 1000 + minItems: 1 + type: array + required: + - records + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + example: + errors: + - index: 0 + message: Invalid ID field + stats: + failed: 1 + successful: 1 + total: 2 + type: object + properties: + errors: + items: + $ref: >- + #/components/schemas/Security_Solution_Entity_Analytics_API_AssetCriticalityBulkUploadErrorItem + type: array + stats: + $ref: >- + #/components/schemas/Security_Solution_Entity_Analytics_API_AssetCriticalityBulkUploadStats + required: + - errors + - stats + description: Bulk upload successful + '413': + description: File too large + summary: Bulk upsert asset criticality records + tags: + - Security Solution Entity Analytics API + /api/asset_criticality/list: + get: + description: List asset criticality records, paging, sorting and filtering as needed. + operationId: FindAssetCriticalityRecords + parameters: + - description: The field to sort by. + in: query + name: sort_field + required: false + schema: + enum: + - id_value + - id_field + - criticality_level + - \@timestamp + type: string + - description: The order to sort by. + in: query + name: sort_direction + required: false + schema: + enum: + - asc + - desc + type: string + - description: The page number to return. + in: query + name: page + required: false + schema: + minimum: 1 + type: integer + - description: The number of records to return per page. + in: query + name: per_page + required: false + schema: + maximum: 1000 + minimum: 1 + type: integer + - description: The kuery to filter by. + in: query + name: kuery + required: false + schema: + type: string + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + page: + minimum: 1 + type: integer + per_page: + maximum: 1000 + minimum: 1 + type: integer + records: + items: + $ref: >- + #/components/schemas/Security_Solution_Entity_Analytics_API_AssetCriticalityRecord + type: array + total: + minimum: 0 + type: integer + required: + - records + - page + - per_page + - total + description: Bulk upload successful + summary: List asset criticality records + tags: + - Security Solution Entity Analytics API + /api/cases: + delete: + description: > + You must have `read` or `all` privileges and the `delete` sub-feature + privilege for the **Cases** feature in the **Management**, + **Observability**, or **Security** section of the Kibana feature + privileges, depending on the owner of the cases you're deleting. + operationId: deleteCaseDefaultSpace + parameters: + - $ref: '#/components/parameters/Cases_kbn_xsrf' + - $ref: '#/components/parameters/Cases_ids' + responses: + '204': + description: Indicates a successful call. + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Cases_4xx_response' + description: Authorization information is missing or invalid. + summary: Delete cases + tags: + - cases + patch: + description: > + You must have `all` privileges for the **Cases** feature in the + **Management**, **Observability**, or **Security** section of the + Kibana feature privileges, depending on the owner of the case you're + updating. + operationId: updateCaseDefaultSpace + parameters: + - $ref: '#/components/parameters/Cases_kbn_xsrf' + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + examples: + updateCaseRequest: + $ref: '#/components/examples/Cases_update_case_request' + schema: + $ref: '#/components/schemas/Cases_update_case_request' + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + examples: + updateCaseResponse: + $ref: '#/components/examples/Cases_update_case_response' + schema: + items: + $ref: '#/components/schemas/Cases_case_response_properties' + type: array + description: Indicates a successful call. + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Cases_4xx_response' + description: Authorization information is missing or invalid. + summary: Update cases + tags: + - cases + post: + description: > + You must have `all` privileges for the **Cases** feature in the + **Management**, **Observability**, or **Security** section of the + Kibana feature privileges, depending on the owner of the case you're + creating. + operationId: createCaseDefaultSpace + parameters: + - $ref: '#/components/parameters/Cases_kbn_xsrf' + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + examples: + createCaseRequest: + $ref: '#/components/examples/Cases_create_case_request' + schema: + $ref: '#/components/schemas/Cases_create_case_request' + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + examples: + createCaseResponse: + $ref: '#/components/examples/Cases_create_case_response' + schema: + $ref: '#/components/schemas/Cases_case_response_properties' + description: Indicates a successful call. + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Cases_4xx_response' + description: Authorization information is missing or invalid. + summary: Create a case + tags: + - cases + /api/cases/_find: + get: + description: > + You must have `read` privileges for the **Cases** feature in the + **Management**, **Observability**, or **Security** section of the Kibana + feature privileges, depending on the owner of the cases you're seeking. + operationId: findCasesDefaultSpace + parameters: + - $ref: '#/components/parameters/Cases_assignees' + - $ref: '#/components/parameters/Cases_category' + - $ref: '#/components/parameters/Cases_defaultSearchOperator' + - $ref: '#/components/parameters/Cases_from' + - $ref: '#/components/parameters/Cases_owner' + - $ref: '#/components/parameters/Cases_page_index' + - $ref: '#/components/parameters/Cases_page_size' + - $ref: '#/components/parameters/Cases_reporters' + - $ref: '#/components/parameters/Cases_search' + - $ref: '#/components/parameters/Cases_searchFields' + - $ref: '#/components/parameters/Cases_severity' + - $ref: '#/components/parameters/Cases_sortField' + - $ref: '#/components/parameters/Cases_sort_order' + - $ref: '#/components/parameters/Cases_status' + - $ref: '#/components/parameters/Cases_tags' + - $ref: '#/components/parameters/Cases_to' + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + examples: + findCaseResponse: + $ref: '#/components/examples/Cases_find_case_response' + schema: + type: object + properties: + cases: + items: + $ref: '#/components/schemas/Cases_case_response_properties' + maxItems: 10000 + type: array + count_closed_cases: + type: integer + count_in_progress_cases: + type: integer + count_open_cases: + type: integer + page: + type: integer + per_page: + type: integer + total: + type: integer + description: Indicates a successful call. + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Cases_4xx_response' + description: Authorization information is missing or invalid. + summary: Search cases + tags: + - cases + /api/cases/{caseId}: + get: + description: > + You must have `read` privileges for the **Cases** feature in the + **Management**, **Observability**, or **Security** section of the Kibana + feature privileges, depending on the owner of the case you're seeking. + operationId: getCaseDefaultSpace + parameters: + - $ref: '#/components/parameters/Cases_case_id' + - $ref: '#/components/parameters/Cases_includeComments' + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + examples: + getDefaultCaseResponse: + $ref: '#/components/examples/Cases_get_case_response' + getDefaultObservabilityCaseReponse: + $ref: '#/components/examples/Cases_get_case_observability_response' + schema: + $ref: '#/components/schemas/Cases_case_response_properties' + description: Indicates a successful call. + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Cases_4xx_response' + description: Authorization information is missing or invalid. + summary: Get case information + tags: + - cases + /api/cases/{caseId}/alerts: + get: + description: > + You must have `read` privileges for the **Cases** feature in the + **Management**, **Observability**, or **Security** section of the Kibana + feature privileges, depending on the owner of the cases you're seeking. + operationId: getCaseAlertsDefaultSpace + parameters: + - $ref: '#/components/parameters/Cases_case_id' + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + examples: + getCaseAlertsResponse: + $ref: '#/components/examples/Cases_get_case_alerts_response' + schema: + items: + $ref: '#/components/schemas/Cases_alert_response_properties' + type: array + description: Indicates a successful call. + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Cases_4xx_response' + description: Authorization information is missing or invalid. + summary: Get all alerts for a case + tags: + - cases + x-technical-preview: true + /api/cases/{caseId}/comments: + delete: + description: > + Deletes all comments and alerts from a case. You must have `all` + privileges for the **Cases** feature in the **Management**, + **Observability**, or **Security** section of the Kibana feature + privileges, depending on the owner of the cases you're deleting. + operationId: deleteCaseCommentsDefaultSpace + parameters: + - $ref: '#/components/parameters/Cases_kbn_xsrf' + - $ref: '#/components/parameters/Cases_case_id' + responses: + '204': + description: Indicates a successful call. + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Cases_4xx_response' + description: Authorization information is missing or invalid. + summary: Delete all case comments and alerts + tags: + - cases + get: + deprecated: true + description: > + Deprecated in 8.1.0. This API is deprecated and will be removed in a + future release; instead, use the get case comment API, which requires a + comment identifier in the path. You must have `read` privileges for the + **Cases** feature in the **Management**, **Observability**, or + **Security** section of the Kibana feature privileges, depending on the + owner of the cases with the comments you're seeking. + operationId: getAllCaseCommentsDefaultSpace + parameters: + - $ref: '#/components/parameters/Cases_case_id' + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Cases_case_response_properties' + description: Indicates a successful call. + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Cases_4xx_response' + description: Authorization information is missing or invalid. + summary: Get all case comments + tags: + - cases + patch: + description: > + You must have `all` privileges for the **Cases** feature in the + **Management**, **Observability**, or **Security** section of the Kibana + feature privileges, depending on the owner of the case you're updating. + NOTE: You cannot change the comment type or the owner of a comment. + operationId: updateCaseCommentDefaultSpace + parameters: + - $ref: '#/components/parameters/Cases_kbn_xsrf' + - $ref: '#/components/parameters/Cases_case_id' + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + examples: + updateCaseCommentRequest: + $ref: '#/components/examples/Cases_update_comment_request' + schema: + $ref: '#/components/schemas/Cases_update_case_comment_request' + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + examples: + updateCaseCommentResponse: + $ref: '#/components/examples/Cases_update_comment_response' + schema: + $ref: '#/components/schemas/Cases_case_response_properties' + description: Indicates a successful call. + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Cases_4xx_response' + description: Authorization information is missing or invalid. + summary: Update a case comment or alert + tags: + - cases + post: + description: > + You must have `all` privileges for the **Cases** feature in the + **Management**, **Observability**, or **Security** section of the Kibana + feature privileges, depending on the owner of the case you're creating. + NOTE: Each case can have a maximum of 1,000 alerts. + operationId: addCaseCommentDefaultSpace + parameters: + - $ref: '#/components/parameters/Cases_kbn_xsrf' + - $ref: '#/components/parameters/Cases_case_id' + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + examples: + createCaseCommentRequest: + $ref: '#/components/examples/Cases_add_comment_request' + schema: + $ref: '#/components/schemas/Cases_add_case_comment_request' + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + examples: + createCaseCommentResponse: + $ref: '#/components/examples/Cases_add_comment_response' + schema: + $ref: '#/components/schemas/Cases_case_response_properties' + description: Indicates a successful call. + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Cases_4xx_response' + description: Authorization information is missing or invalid. + summary: Add a case comment or alert + tags: + - cases + /api/cases/{caseId}/comments/_find: + get: + description: > + Retrieves a paginated list of comments for a case. You must have `read` + privileges for the **Cases** feature in the **Management**, + **Observability**, or **Security** section of the Kibana feature + privileges, depending on the owner of the cases with the comments you're + seeking. + operationId: findCaseCommentsDefaultSpace + parameters: + - $ref: '#/components/parameters/Cases_case_id' + - $ref: '#/components/parameters/Cases_page_index' + - $ref: '#/components/parameters/Cases_page_size' + - $ref: '#/components/parameters/Cases_sort_order' + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Cases_case_response_properties' + description: Indicates a successful call. + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Cases_4xx_response' + description: Authorization information is missing or invalid. + summary: Find case comments and alerts + tags: + - cases + /api/cases/{caseId}/comments/{commentId}: + delete: + description: > + You must have `all` privileges for the **Cases** feature in the + **Management**, **Observability**, or **Security** section of the Kibana + feature privileges, depending on the owner of the cases you're deleting. + operationId: deleteCaseCommentDefaultSpace + parameters: + - $ref: '#/components/parameters/Cases_kbn_xsrf' + - $ref: '#/components/parameters/Cases_case_id' + - $ref: '#/components/parameters/Cases_comment_id' + responses: + '204': + description: Indicates a successful call. + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Cases_4xx_response' + description: Authorization information is missing or invalid. + summary: Delete a case comment or alert + tags: + - cases + get: + description: > + You must have `read` privileges for the **Cases** feature in the + **Management**, **Observability**, or **Security** section of the Kibana + feature privileges, depending on the owner of the cases with the + comments you're seeking. + operationId: getCaseCommentDefaultSpace + parameters: + - $ref: '#/components/parameters/Cases_case_id' + - $ref: '#/components/parameters/Cases_comment_id' + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + examples: + getCaseCommentResponse: + $ref: '#/components/examples/Cases_get_comment_response' + schema: + oneOf: + - $ref: >- + #/components/schemas/Cases_alert_comment_response_properties + - $ref: >- + #/components/schemas/Cases_user_comment_response_properties + description: Indicates a successful call. + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Cases_4xx_response' + description: Authorization information is missing or invalid. + summary: Get a case comment or alert + tags: + - cases + /api/cases/{caseId}/connector/{connectorId}/_push: + post: + description: > + You must have `all` privileges for the **Actions and Connectors** + feature in the **Management** section of the Kibana feature privileges. + You must also have `all` privileges for the **Cases** feature in the + **Management**, **Observability**, or **Security** section of the Kibana + feature privileges, depending on the owner of the case you're pushing. + operationId: pushCaseDefaultSpace + parameters: + - $ref: '#/components/parameters/Cases_case_id' + - $ref: '#/components/parameters/Cases_connector_id' + - $ref: '#/components/parameters/Cases_kbn_xsrf' + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + nullable: true + type: object + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + examples: + pushCaseResponse: + $ref: '#/components/examples/Cases_push_case_response' + schema: + $ref: '#/components/schemas/Cases_case_response_properties' + description: Indicates a successful call. + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Cases_4xx_response' + description: Authorization information is missing or invalid. + summary: Push a case to an external service + tags: + - cases + /api/cases/{caseId}/user_actions: + get: + deprecated: true + description: > + Returns all user activity for a case. Deprecated in 8.1.0. This API is + deprecated and will be removed in a future release; use the find user + actions API instead. You must have `read` privileges for the **Cases** + feature in the **Management**, **Observability**, or **Security** + section of the Kibana feature privileges, depending on the owner of the + case you're seeking. + operationId: getCaseActivityDefaultSpace + parameters: + - $ref: '#/components/parameters/Cases_case_id' + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + items: + $ref: '#/components/schemas/Cases_user_actions_response_properties' + type: array + description: Indicates a successful call. + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Cases_4xx_response' + description: Authorization information is missing or invalid. + summary: Get case activity + tags: + - cases + /api/cases/{caseId}/user_actions/_find: + get: + description: > + Retrives a paginated list of user activity for a case. You must have + `read` privileges for the **Cases** feature in the **Management**, + **Observability**, or **Security** section of the Kibana feature + privileges, depending on the owner of the case you're seeking. + operationId: findCaseActivityDefaultSpace + parameters: + - $ref: '#/components/parameters/Cases_case_id' + - $ref: '#/components/parameters/Cases_page_index' + - $ref: '#/components/parameters/Cases_page_size' + - $ref: '#/components/parameters/Cases_sort_order' + - $ref: '#/components/parameters/Cases_user_action_types' + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + examples: + findCaseActivityResponse: + $ref: '#/components/examples/Cases_find_case_activity_response' + schema: + type: object + properties: + page: + type: integer + perPage: + type: integer + total: + type: integer + userActions: + items: + $ref: >- + #/components/schemas/Cases_user_actions_find_response_properties + maxItems: 10000 + type: array + description: Indicates a successful call. + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Cases_4xx_response' + description: Authorization information is missing or invalid. + summary: Find case activity + tags: + - cases + /api/cases/alerts/{alertId}: + get: + description: > + You must have `read` privileges for the **Cases** feature in the + **Management**, **Observability**, or **Security** section of the Kibana + feature privileges, depending on the owner of the cases you're seeking. + operationId: getCasesByAlertDefaultSpace + parameters: + - $ref: '#/components/parameters/Cases_alert_id' + - $ref: '#/components/parameters/Cases_owner' + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + example: + - id: 06116b80-e1c3-11ec-be9b-9b1838238ee6 + title: security_case + items: + type: object + properties: + id: + description: The case identifier. + type: string + title: + description: The case title. + type: string + maxItems: 10000 + type: array + description: Indicates a successful call. + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Cases_4xx_response' + description: Authorization information is missing or invalid. + summary: Get cases for an alert + tags: + - cases + x-technical-preview: true + /api/cases/configure: + get: + description: > + Get setting details such as the closure type, custom fields, templatse, + and the default connector for cases. You must have `read` privileges for + the **Cases** feature in the **Management**, **Observability**, or + **Security** section of the Kibana feature privileges, depending on + where the cases were created. + operationId: getCaseConfigurationDefaultSpace + parameters: + - $ref: '#/components/parameters/Cases_owner' + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + examples: + getConfigurationResponse: + $ref: '#/components/examples/Cases_get_case_configuration_response' + schema: + items: + type: object + properties: + closure_type: + $ref: '#/components/schemas/Cases_closure_types' + connector: + type: object + properties: + fields: + description: >- + The fields specified in the case configuration are + not used and are not propagated to individual cases, + therefore it is recommended to set it to `null`. + nullable: true + type: object + id: + description: >- + The identifier for the connector. If you do not want + a default connector, use `none`. To retrieve + connector IDs, use the find connectors API. + example: none + type: string + name: + description: >- + The name of the connector. If you do not want a + default connector, use `none`. To retrieve connector + names, use the find connectors API. + example: none + type: string + type: + $ref: '#/components/schemas/Cases_connector_types' + created_at: + example: '2022-06-01T17:07:17.767Z' + format: date-time + type: string + created_by: + type: object + properties: + email: + example: null + nullable: true + type: string + full_name: + example: null + nullable: true + type: string + profile_uid: + example: u_J41Oh6L9ki-Vo2tOogS8WRTENzhHurGtRc87NgEAlkc_0 + type: string + username: + example: elastic + nullable: true + type: string + required: + - email + - full_name + - username + customFields: + description: Custom fields configuration details. + items: + type: object + properties: + defaultValue: + description: > + A default value for the custom field. If the + `type` is `text`, the default value must be a + string. If the `type` is `toggle`, the default + value must be boolean. + oneOf: + - type: string + - type: boolean + key: + description: > + A unique key for the custom field. Must be lower + case and composed only of a-z, 0-9, '_', and '-' + characters. It is used in API calls to refer to a + specific custom field. + maxLength: 36 + minLength: 1 + type: string + label: + description: >- + The custom field label that is displayed in the + case. + maxLength: 50 + minLength: 1 + type: string + type: + description: The type of the custom field. + enum: + - text + - toggle + type: string + required: + description: > + Indicates whether the field is required. If + `false`, the custom field can be set to null or + omitted when a case is created or updated. + type: boolean + type: array + error: + example: null + nullable: true + type: string + id: + example: 4a97a440-e1cd-11ec-be9b-9b1838238ee6 + type: string + mappings: + items: + type: object + properties: + action_type: + example: overwrite + type: string + source: + example: title + type: string + target: + example: summary + type: string + type: array + owner: + $ref: '#/components/schemas/Cases_owners' + templates: + $ref: '#/components/schemas/Cases_templates' + updated_at: + example: '2022-06-01T19:58:48.169Z' + format: date-time + nullable: true + type: string + updated_by: + nullable: true + type: object + properties: + email: + example: null + nullable: true + type: string + full_name: + example: null + nullable: true + type: string + profile_uid: + example: u_J41Oh6L9ki-Vo2tOogS8WRTENzhHurGtRc87NgEAlkc_0 + type: string + username: + example: elastic + nullable: true + type: string + required: + - email + - full_name + - username + version: + example: WzIwNzMsMV0= + type: string + type: array + description: Indicates a successful call. + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Cases_4xx_response' + description: Authorization information is missing or invalid. + summary: Get case settings + tags: + - cases + post: + description: > + Case settings include external connection details, custom fields, and + templates. Connectors are used to interface with external systems. You + must create a connector before you can use it in your cases. If you set + a default connector, it is automatically selected when you create cases + in Kibana. If you use the create case API, however, you must still + specify all of the connector details. You must have `all` privileges for + the **Cases** feature in the **Management**, **Observability**, or + **Security** section of the Kibana feature privileges, depending on + where you are creating cases. + operationId: setCaseConfigurationDefaultSpace + parameters: + - $ref: '#/components/parameters/Cases_kbn_xsrf' + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + examples: + setCaseConfigRequest: + $ref: '#/components/examples/Cases_set_case_configuration_request' + schema: + $ref: '#/components/schemas/Cases_set_case_configuration_request' + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + examples: + setCaseConfigResponse: + $ref: '#/components/examples/Cases_set_case_configuration_response' + schema: + type: object + properties: + closure_type: + $ref: '#/components/schemas/Cases_closure_types' + connector: + type: object + properties: + fields: + description: >- + The fields specified in the case configuration are not + used and are not propagated to individual cases, + therefore it is recommended to set it to `null`. + nullable: true + type: object + id: + description: >- + The identifier for the connector. If you do not want a + default connector, use `none`. To retrieve connector + IDs, use the find connectors API. + example: none + type: string + name: + description: >- + The name of the connector. If you do not want a + default connector, use `none`. To retrieve connector + names, use the find connectors API. + example: none + type: string + type: + $ref: '#/components/schemas/Cases_connector_types' + created_at: + example: '2022-06-01T17:07:17.767Z' + format: date-time + type: string + created_by: + type: object + properties: + email: + example: null + nullable: true + type: string + full_name: + example: null + nullable: true + type: string + profile_uid: + example: u_J41Oh6L9ki-Vo2tOogS8WRTENzhHurGtRc87NgEAlkc_0 + type: string + username: + example: elastic + nullable: true + type: string + required: + - email + - full_name + - username + customFields: + description: Custom fields configuration details. + items: + type: object + properties: + defaultValue: + description: > + A default value for the custom field. If the `type` + is `text`, the default value must be a string. If + the `type` is `toggle`, the default value must be + boolean. + oneOf: + - type: string + - type: boolean + key: + description: > + A unique key for the custom field. Must be lower + case and composed only of a-z, 0-9, '_', and '-' + characters. It is used in API calls to refer to a + specific custom field. + maxLength: 36 + minLength: 1 + type: string + label: + description: >- + The custom field label that is displayed in the + case. + maxLength: 50 + minLength: 1 + type: string + type: + description: The type of the custom field. + enum: + - text + - toggle + type: string + required: + description: > + Indicates whether the field is required. If `false`, + the custom field can be set to null or omitted when + a case is created or updated. + type: boolean + type: array + error: + example: null + nullable: true + type: string + id: + example: 4a97a440-e1cd-11ec-be9b-9b1838238ee6 + type: string + mappings: + items: + type: object + properties: + action_type: + example: overwrite + type: string + source: + example: title + type: string + target: + example: summary + type: string + type: array + owner: + $ref: '#/components/schemas/Cases_owners' + templates: + $ref: '#/components/schemas/Cases_templates' + updated_at: + example: '2022-06-01T19:58:48.169Z' + format: date-time + nullable: true + type: string + updated_by: + nullable: true + type: object + properties: + email: + example: null + nullable: true + type: string + full_name: + example: null + nullable: true + type: string + profile_uid: + example: u_J41Oh6L9ki-Vo2tOogS8WRTENzhHurGtRc87NgEAlkc_0 + type: string + username: + example: elastic + nullable: true + type: string + required: + - email + - full_name + - username + version: + example: WzIwNzMsMV0= + type: string + description: Indicates a successful call. + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Cases_4xx_response' + description: Authorization information is missing or invalid. + summary: Add case settings + tags: + - cases + /api/cases/configure/{configurationId}: + patch: + description: > + Updates setting details such as the closure type, custom fields, + templates, and the default connector for cases. Connectors are used to + interface with external systems. You must create a connector before you + can use it in your cases. You must have `all` privileges for the + **Cases** feature in the **Management**, **Observability**, or + **Security** section of the Kibana feature privileges, depending on + where the case was created. + operationId: updateCaseConfigurationDefaultSpace + parameters: + - $ref: '#/components/parameters/Cases_kbn_xsrf' + - $ref: '#/components/parameters/Cases_configuration_id' + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + examples: + updateCaseConfigurationRequest: + $ref: '#/components/examples/Cases_update_case_configuration_request' + schema: + $ref: '#/components/schemas/Cases_update_case_configuration_request' + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + examples: + updateCaseConfigurationResponse: + $ref: >- + #/components/examples/Cases_update_case_configuration_response + schema: + type: object + properties: + closure_type: + $ref: '#/components/schemas/Cases_closure_types' + connector: + type: object + properties: + fields: + description: >- + The fields specified in the case configuration are not + used and are not propagated to individual cases, + therefore it is recommended to set it to `null`. + nullable: true + type: object + id: + description: >- + The identifier for the connector. If you do not want a + default connector, use `none`. To retrieve connector + IDs, use the find connectors API. + example: none + type: string + name: + description: >- + The name of the connector. If you do not want a + default connector, use `none`. To retrieve connector + names, use the find connectors API. + example: none + type: string + type: + $ref: '#/components/schemas/Cases_connector_types' + created_at: + example: '2022-06-01T17:07:17.767Z' + format: date-time + type: string + created_by: + type: object + properties: + email: + example: null + nullable: true + type: string + full_name: + example: null + nullable: true + type: string + profile_uid: + example: u_J41Oh6L9ki-Vo2tOogS8WRTENzhHurGtRc87NgEAlkc_0 + type: string + username: + example: elastic + nullable: true + type: string + required: + - email + - full_name + - username + customFields: + description: Custom fields configuration details. + items: + type: object + properties: + defaultValue: + description: > + A default value for the custom field. If the `type` + is `text`, the default value must be a string. If + the `type` is `toggle`, the default value must be + boolean. + oneOf: + - type: string + - type: boolean + key: + description: > + A unique key for the custom field. Must be lower + case and composed only of a-z, 0-9, '_', and '-' + characters. It is used in API calls to refer to a + specific custom field. + maxLength: 36 + minLength: 1 + type: string + label: + description: >- + The custom field label that is displayed in the + case. + maxLength: 50 + minLength: 1 + type: string + type: + description: The type of the custom field. + enum: + - text + - toggle + type: string + required: + description: > + Indicates whether the field is required. If `false`, + the custom field can be set to null or omitted when + a case is created or updated. + type: boolean + type: array + error: + example: null + nullable: true + type: string + id: + example: 4a97a440-e1cd-11ec-be9b-9b1838238ee6 + type: string + mappings: + items: + type: object + properties: + action_type: + example: overwrite + type: string + source: + example: title + type: string + target: + example: summary + type: string + type: array + owner: + $ref: '#/components/schemas/Cases_owners' + templates: + $ref: '#/components/schemas/Cases_templates' + updated_at: + example: '2022-06-01T19:58:48.169Z' + format: date-time + nullable: true + type: string + updated_by: + nullable: true + type: object + properties: + email: + example: null + nullable: true + type: string + full_name: + example: null + nullable: true + type: string + profile_uid: + example: u_J41Oh6L9ki-Vo2tOogS8WRTENzhHurGtRc87NgEAlkc_0 + type: string + username: + example: elastic + nullable: true + type: string + required: + - email + - full_name + - username + version: + example: WzIwNzMsMV0= + type: string + description: Indicates a successful call. + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Cases_4xx_response' + description: Authorization information is missing or invalid. + summary: Update case settings + tags: + - cases + /api/cases/configure/connectors/_find: + get: + description: > + Get information about connectors that are supported for use in cases. + You must have `read` privileges for the **Actions and Connectors** + feature in the **Management** section of the Kibana feature privileges. + operationId: findCaseConnectorsDefaultSpace + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + examples: + findConnectorResponse: + $ref: '#/components/examples/Cases_find_connector_response' + schema: + items: + type: object + properties: + actionTypeId: + $ref: '#/components/schemas/Cases_connector_types' + config: + additionalProperties: true + type: object + properties: + apiUrl: + type: string + projectKey: + type: string + id: + type: string + isDeprecated: + type: boolean + isMissingSecrets: + type: boolean + isPreconfigured: + type: boolean + name: + type: string + referencedByCount: + type: integer + maxItems: 1000 + type: array + description: Indicates a successful call. + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Cases_4xx_response' + description: Authorization information is missing or invalid. + summary: Get case connectors + tags: + - cases + /api/cases/reporters: + get: + description: > + Returns information about the users who opened cases. You must have read + privileges for the **Cases** feature in the **Management**, + **Observability**, or **Security** section of the Kibana feature + privileges, depending on the owner of the cases. The API returns + information about the users as they existed at the time of the case + creation, including their name, full name, and email address. If any of + those details change thereafter or if a user is deleted, the information + returned by this API is unchanged. + operationId: getCaseReportersDefaultSpace + parameters: + - $ref: '#/components/parameters/Cases_owner' + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + examples: + getReportersResponse: + $ref: '#/components/examples/Cases_get_reporters_response' + schema: + items: + type: object + properties: + email: + example: null + nullable: true + type: string + full_name: + example: null + nullable: true + type: string + profile_uid: + example: u_J41Oh6L9ki-Vo2tOogS8WRTENzhHurGtRc87NgEAlkc_0 + type: string + username: + example: elastic + nullable: true + type: string + required: + - email + - full_name + - username + maxItems: 10000 + type: array + description: Indicates a successful call. + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Cases_4xx_response' + description: Authorization information is missing or invalid. + summary: Get case creators + tags: + - cases + /api/cases/status: + get: + deprecated: true + description: > + Returns the number of cases that are open, closed, and in progress. + Deprecated in 8.1.0. This API is deprecated and will be removed in a + future release; use the find cases API instead. You must have `read` + privileges for the **Cases** feature in the **Management**, + **Observability**, or **Security** section of the Kibana feature + privileges, depending on the owner of the cases you're seeking. + operationId: getCaseStatusDefaultSpace + parameters: + - $ref: '#/components/parameters/Cases_owner' + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + count_closed_cases: + type: integer + count_in_progress_cases: + type: integer + count_open_cases: + type: integer + description: Indicates a successful call. + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Cases_4xx_response' + description: Authorization information is missing or invalid. + summary: Get case status summary + tags: + - cases + /api/cases/tags: + get: + description: > + Aggregates and returns a list of case tags. You must have read + privileges for the **Cases** feature in the **Management**, + **Observability**, or **Security** section of the Kibana feature + privileges, depending on the owner of the cases you're seeking. + operationId: getCaseTagsDefaultSpace + parameters: + - $ref: '#/components/parameters/Cases_owner' + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + examples: + getTagsResponse: + $ref: '#/components/examples/Cases_get_tags_response' + schema: + items: + type: string + maxItems: 10000 + type: array + description: Indicates a successful call. + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Cases_4xx_response' + description: Authorization information is missing or invalid. + summary: Get case tags + tags: + - cases + /api/data_views: + get: + operationId: getAllDataViewsDefault + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + examples: + getAllDataViewsResponse: + $ref: '#/components/examples/Data_views_get_data_views_response' + schema: + type: object + properties: + data_view: + items: + type: object + properties: + id: + type: string + name: + type: string + namespaces: + items: + type: string + type: array + title: + type: string + typeMeta: + type: object + type: array + description: Indicates a successful call. + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Data_views_400_response' + description: Bad request + summary: Get all data views + tags: + - data views + /api/data_views/data_view: + post: + operationId: createDataViewDefaultw + parameters: + - $ref: '#/components/parameters/Data_views_kbn_xsrf' + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + examples: + createDataViewRequest: + $ref: '#/components/examples/Data_views_create_data_view_request' + schema: + $ref: '#/components/schemas/Data_views_create_data_view_request_object' + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Data_views_data_view_response_object' + description: Indicates a successful call. + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Data_views_400_response' + description: Bad request + summary: Create a data view + tags: + - data views + /api/data_views/data_view/{viewId}: + delete: + description: | + WARNING: When you delete a data view, it cannot be recovered. + operationId: deleteDataViewDefault + parameters: + - $ref: '#/components/parameters/Data_views_kbn_xsrf' + - $ref: '#/components/parameters/Data_views_view_id' + responses: + '204': + description: Indicates a successful call. + '404': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Data_views_404_response' + description: Object is not found. + summary: Delete a data view + tags: + - data views + get: + operationId: getDataViewDefault + parameters: + - $ref: '#/components/parameters/Data_views_view_id' + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + examples: + getDataViewResponse: + $ref: '#/components/examples/Data_views_get_data_view_response' + schema: + $ref: '#/components/schemas/Data_views_data_view_response_object' + description: Indicates a successful call. + '404': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Data_views_404_response' + description: Object is not found. + summary: Get a data view + tags: + - data views + post: + operationId: updateDataViewDefault + parameters: + - $ref: '#/components/parameters/Data_views_kbn_xsrf' + - $ref: '#/components/parameters/Data_views_view_id' + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + examples: + updateDataViewRequest: + $ref: '#/components/examples/Data_views_update_data_view_request' + schema: + $ref: '#/components/schemas/Data_views_update_data_view_request_object' + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Data_views_data_view_response_object' + description: Indicates a successful call. + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Data_views_400_response' + description: Bad request + summary: Update a data view + tags: + - data views + /api/data_views/data_view/{viewId}/fields: + post: + description: > + Update fields presentation metadata such as count, customLabel, + customDescription, and format. + operationId: updateFieldsMetadataDefault + parameters: + - $ref: '#/components/parameters/Data_views_kbn_xsrf' + - $ref: '#/components/parameters/Data_views_view_id' + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + examples: + updateFieldsMetadataRequest: + $ref: '#/components/examples/Data_views_update_field_metadata_request' + schema: + type: object + properties: + fields: + description: The field object. + type: object + required: + - fields + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + acknowledged: + type: boolean + description: Indicates a successful call. + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Data_views_400_response' + description: Bad request + summary: Update data view fields metadata + tags: + - data views + /api/data_views/data_view/{viewId}/runtime_field: + post: + operationId: createRuntimeFieldDefault + parameters: + - $ref: '#/components/parameters/Data_views_kbn_xsrf' + - $ref: '#/components/parameters/Data_views_view_id' + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + examples: + createRuntimeFieldRequest: + $ref: '#/components/examples/Data_views_create_runtime_field_request' + schema: + type: object + properties: + name: + description: | + The name for a runtime field. + type: string + runtimeField: + description: | + The runtime field definition object. + type: object + required: + - name + - runtimeField + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + description: Indicates a successful call. + summary: Create a runtime field + tags: + - data views + put: + operationId: createUpdateRuntimeFieldDefault + parameters: + - $ref: '#/components/parameters/Data_views_kbn_xsrf' + - description: | + The ID of the data view fields you want to update. + in: path + name: viewId + required: true + schema: + type: string + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + examples: + updateRuntimeFieldRequest: + $ref: '#/components/examples/Data_views_create_runtime_field_request' + schema: + type: object + properties: + name: + description: | + The name for a runtime field. + type: string + runtimeField: + description: | + The runtime field definition object. + type: object + required: + - name + - runtimeField + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + data_view: + type: object + fields: + items: + type: object + type: array + description: Indicates a successful call. + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Data_views_400_response' + description: Bad request + summary: Create or update a runtime field + tags: + - data views + /api/data_views/data_view/{viewId}/runtime_field/{fieldName}: + delete: + operationId: deleteRuntimeFieldDefault + parameters: + - $ref: '#/components/parameters/Data_views_field_name' + - $ref: '#/components/parameters/Data_views_view_id' + responses: + '200': + description: Indicates a successful call. + '404': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Data_views_404_response' + description: Object is not found. + summary: Delete a runtime field from a data view + tags: + - data views + get: + operationId: getRuntimeFieldDefault + parameters: + - $ref: '#/components/parameters/Data_views_field_name' + - $ref: '#/components/parameters/Data_views_view_id' + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + examples: + getRuntimeFieldResponse: + $ref: '#/components/examples/Data_views_get_runtime_field_response' + schema: + type: object + properties: + data_view: + type: object + fields: + items: + type: object + type: array + description: Indicates a successful call. + '404': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Data_views_404_response' + description: Object is not found. + summary: Get a runtime field + tags: + - data views + post: + operationId: updateRuntimeFieldDefault + parameters: + - $ref: '#/components/parameters/Data_views_field_name' + - $ref: '#/components/parameters/Data_views_view_id' + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + examples: + updateRuntimeFieldRequest: + $ref: '#/components/examples/Data_views_update_runtime_field_request' + schema: + type: object + properties: + runtimeField: + description: | + The runtime field definition object. + + You can update following fields: + + - `type` + - `script` + type: object + required: + - runtimeField + required: true + responses: + '200': + description: Indicates a successful call. + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Data_views_400_response' + description: Bad request + summary: Update a runtime field + tags: + - data views + /api/data_views/default: + get: + operationId: getDefaultDataViewDefault + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + examples: + getDefaultDataViewResponse: + $ref: >- + #/components/examples/Data_views_get_default_data_view_response + schema: + type: object + properties: + data_view_id: + type: string + description: Indicates a successful call. + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Data_views_400_response' + description: Bad request + summary: Get the default data view + tags: + - data views + post: + operationId: setDefaultDatailViewDefault + parameters: + - $ref: '#/components/parameters/Data_views_kbn_xsrf' + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + examples: + setDefaultDataViewRequest: + $ref: '#/components/examples/Data_views_set_default_data_view_request' + schema: + type: object + properties: + data_view_id: + description: > + The data view identifier. NOTE: The API does not validate + whether it is a valid identifier. Use `null` to unset the + default data view. + nullable: true + type: string + force: + default: false + description: Update an existing default data view identifier. + type: boolean + required: + - data_view_id + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + acknowledged: + type: boolean + description: Indicates a successful call. + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Data_views_400_response' + description: Bad request + summary: Set the default data view + tags: + - data views + /api/data_views/swap_references: + post: + description: > + Changes saved object references from one data view identifier to + another. WARNING: Misuse can break large numbers of saved objects! + Practicing with a backup is recommended. + operationId: swapDataViewsDefault + parameters: + - $ref: '#/components/parameters/Data_views_kbn_xsrf' + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + examples: + swapDataViewRequest: + $ref: '#/components/examples/Data_views_swap_data_view_request' + schema: + $ref: '#/components/schemas/Data_views_swap_data_view_request_object' + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + deleteStatus: + type: object + properties: + deletePerformed: + type: boolean + remainingRefs: + type: integer + result: + items: + type: object + properties: + id: + description: A saved object identifier. + type: string + type: + description: The saved object type. + type: string + type: array + description: Indicates a successful call. + summary: Swap saved object references + tags: + - data views + /api/data_views/swap_references/_preview: + post: + description: > + Preview the impact of swapping saved object references from one data + view identifier to another. + operationId: previewSwapDataViewsDefault + parameters: + - $ref: '#/components/parameters/Data_views_kbn_xsrf' + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + examples: + previewSwapDataViewRequest: + $ref: >- + #/components/examples/Data_views_preview_swap_data_view_request + schema: + $ref: '#/components/schemas/Data_views_swap_data_view_request_object' + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + result: + items: + type: object + properties: + id: + description: A saved object identifier. + type: string + type: + description: The saved object type. + type: string + type: array + description: Indicates a successful call. + summary: Preview a saved object reference swap + tags: + - data views + /api/detection_engine/index: + delete: + operationId: DeleteAlertsIndex + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + acknowledged: + type: boolean + required: + - acknowledged + description: Successful response + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_PlatformErrorResponse + description: Unsuccessful authentication response + '403': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SiemErrorResponse + description: Not enough permissions response + '404': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: string + description: Index does not exist response + '500': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SiemErrorResponse + description: Internal server error response + summary: Delete an alerts index + tags: + - Security Solution Detections API + - Alert index API + get: + operationId: ReadAlertsIndex + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + index_mapping_outdated: + nullable: true + type: boolean + name: + type: string + required: + - name + - index_mapping_outdated + description: Successful response + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_PlatformErrorResponse + description: Unsuccessful authentication response + '403': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SiemErrorResponse + description: Not enough permissions response + '404': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SiemErrorResponse + description: Not found + '500': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SiemErrorResponse + description: Internal server error response + summary: Reads the alert index name if it exists + tags: + - Security Solution Detections API + - Alert index API + post: + operationId: CreateAlertsIndex + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + acknowledged: + type: boolean + required: + - acknowledged + description: Successful response + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_PlatformErrorResponse + description: Unsuccessful authentication response + '403': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SiemErrorResponse + description: Not enough permissions response + '404': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SiemErrorResponse + description: Not found + '500': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SiemErrorResponse + description: Internal server error response + summary: Create an alerts index + tags: + - Security Solution Detections API + - Alert index API + /api/detection_engine/privileges: + get: + description: > + Retrieves whether or not the user is authenticated, and the user's + Kibana + + space and index privileges, which determine if the user can create an + + index for the Elastic Security alerts generated by + + detection engine rules. + operationId: ReadPrivileges + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + has_encryption_key: + type: boolean + is_authenticated: + type: boolean + required: + - is_authenticated + - has_encryption_key + description: Successful response + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_PlatformErrorResponse + description: Unsuccessful authentication response + '500': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SiemErrorResponse + description: Internal server error response + summary: Returns user privileges for the Kibana space + tags: + - Security Solution Detections API + - Privileges API + /api/detection_engine/rules: + delete: + description: Delete a detection rule using the `rule_id` or `id` field. + operationId: DeleteRule + parameters: + - description: The rule's `id` value. + in: query + name: id + required: false + schema: + $ref: '#/components/schemas/Security_Solution_Detections_API_RuleObjectId' + - description: The rule's `rule_id` value. + in: query + name: rule_id + required: false + schema: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleSignatureId + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleResponse + description: Indicates a successful call. + summary: Delete a detection rule + tags: + - Security Solution Detections API + - Rules API + get: + description: Retrieve a detection rule using the `rule_id` or `id` field. + operationId: ReadRule + parameters: + - description: The rule's `id` value. + in: query + name: id + required: false + schema: + $ref: '#/components/schemas/Security_Solution_Detections_API_RuleObjectId' + - description: The rule's `rule_id` value. + in: query + name: rule_id + required: false + schema: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleSignatureId + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleResponse + description: Indicates a successful call. + summary: Retrieve a detection rule + tags: + - Security Solution Detections API + - Rules API + patch: + description: >- + Update specific fields of an existing detection rule using the `rule_id` + or `id` field. + operationId: PatchRule + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RulePatchProps + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleResponse + description: Indicates a successful call. + summary: Patch a detection rule + tags: + - Security Solution Detections API + - Rules API + post: + description: Create a new detection rule. + operationId: CreateRule + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleCreateProps + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleResponse + description: Indicates a successful call. + summary: Create a detection rule + tags: + - Security Solution Detections API + - Rules API + put: + description: > + Update a detection rule using the `rule_id` or `id` field. The original + rule is replaced, and all unspecified fields are deleted. + + > info + + > You cannot modify the `id` or `rule_id` values. + operationId: UpdateRule + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleUpdateProps + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleResponse + description: Indicates a successful call. + summary: Update a detection rule + tags: + - Security Solution Detections API + - Rules API + /api/detection_engine/rules/_bulk_action: + post: + description: >- + Apply a bulk action, such as bulk edit, duplicate, or delete, to + multiple detection rules. The bulk action is applied to all rules that + match the query or to the rules listed by their IDs. + operationId: PerformRulesBulkAction + parameters: + - description: Enables dry run mode for the request call. + in: query + name: dry_run + required: false + schema: + type: boolean + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + oneOf: + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_BulkDeleteRules + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_BulkDisableRules + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_BulkEnableRules + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_BulkExportRules + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_BulkDuplicateRules + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_BulkManualRuleRun + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_BulkEditRules + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + oneOf: + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_BulkEditActionResponse + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_BulkExportActionResponse + description: OK + summary: Apply a bulk action to detection rules + tags: + - Security Solution Detections API + - Bulk API + /api/detection_engine/rules/_bulk_create: + post: + deprecated: true + description: Create new detection rules in bulk. + operationId: BulkCreateRules + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleCreateProps + type: array + description: A JSON array of rules, where each rule contains the required fields. + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_BulkCrudRulesResponse + description: Indicates a successful call. + summary: Create multiple detection rules + tags: + - Security Solution Detections API + - Bulk API + /api/detection_engine/rules/_bulk_delete: + delete: + deprecated: true + description: Delete detection rules in bulk. + operationId: BulkDeleteRules + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + items: + type: object + properties: + id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleObjectId + rule_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleSignatureId + type: array + description: >- + A JSON array of `id` or `rule_id` fields of the rules you want to + delete. + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_BulkCrudRulesResponse + description: Indicates a successful call. + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + oneOf: + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_PlatformErrorResponse + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_SiemErrorResponse + description: Invalid input data response + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_PlatformErrorResponse + description: Unsuccessful authentication response + '500': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SiemErrorResponse + description: Internal server error response + summary: Delete multiple detection rules + tags: + - Security Solution Detections API + - Bulk API + post: + deprecated: true + description: Deletes multiple rules. + operationId: BulkDeleteRulesPost + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + items: + type: object + properties: + id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleObjectId + rule_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleSignatureId + type: array + description: >- + A JSON array of `id` or `rule_id` fields of the rules you want to + delete. + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_BulkCrudRulesResponse + description: Indicates a successful call. + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + oneOf: + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_PlatformErrorResponse + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_SiemErrorResponse + description: Invalid input data response + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_PlatformErrorResponse + description: Unsuccessful authentication response + '500': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SiemErrorResponse + description: Internal server error response + summary: Delete multiple detection rules + tags: + - Security Solution Detections API + - Bulk API + /api/detection_engine/rules/_bulk_update: + patch: + deprecated: true + description: >- + Update specific fields of existing detection rules using the `rule_id` + or `id` field. + operationId: BulkPatchRules + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RulePatchProps + type: array + description: A JSON array of rules, where each rule contains the required fields. + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_BulkCrudRulesResponse + description: Indicates a successful call. + summary: Patch multiple detection rules + tags: + - Security Solution Detections API + - Bulk API + put: + deprecated: true + description: > + Update multiple detection rules using the `rule_id` or `id` field. The + original rules are replaced, and all unspecified fields are deleted. + + > info + + > You cannot modify the `id` or `rule_id` values. + operationId: BulkUpdateRules + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleUpdateProps + type: array + description: >- + A JSON array where each element includes the `id` or `rule_id` field + of the rule you want to update and the fields you want to modify. + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_BulkCrudRulesResponse + description: Indicates a successful call. + summary: Update multiple detection rules + tags: + - Security Solution Detections API + - Bulk API + /api/detection_engine/rules/_export: + post: + description: > + Export detection rules to an `.ndjson` file. The following configuration + items are also included in the `.ndjson` file: + + - Actions + + - Exception lists + + > info + + > You cannot export prebuilt rules. + operationId: ExportRules + parameters: + - description: Determines whether a summary of the exported rules is returned. + in: query + name: exclude_export_details + required: false + schema: + default: false + type: boolean + - description: File name for saving the exported rules. + in: query + name: file_name + required: false + schema: + default: export.ndjson + type: string + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + nullable: true + type: object + properties: + objects: + description: >- + Array of `rule_id` fields. Exports all rules when + unspecified. + items: + type: object + properties: + rule_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleSignatureId + required: + - rule_id + type: array + required: + - objects + required: false + responses: + '200': + content: + application/ndjson; Elastic-Api-Version=2023-10-31: + schema: + description: An `.ndjson` file containing the returned rules. + format: binary + type: string + description: Indicates a successful call. + summary: Export detection rules + tags: + - Security Solution Detections API + - Import/Export API + /api/detection_engine/rules/_find: + get: + description: >- + Retrieve a paginated list of detection rules. By default, the first page + is returned, with 20 results per page. + operationId: FindRules + parameters: + - in: query + name: fields + required: false + schema: + items: + type: string + type: array + - description: Search query + in: query + name: filter + required: false + schema: + type: string + - description: Field to sort by + in: query + name: sort_field + required: false + schema: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_FindRulesSortField + - description: Sort order + in: query + name: sort_order + required: false + schema: + $ref: '#/components/schemas/Security_Solution_Detections_API_SortOrder' + - description: Page number + in: query + name: page + required: false + schema: + default: 1 + minimum: 1 + type: integer + - description: Rules per page + in: query + name: per_page + required: false + schema: + default: 20 + minimum: 0 + type: integer + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + data: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleResponse + type: array + page: + type: integer + perPage: + type: integer + total: + type: integer + required: + - page + - perPage + - total + - data + description: Successful response + summary: List all detection rules + tags: + - Security Solution Detections API + - Rules API + /api/detection_engine/rules/_import: + post: + description: > + Import detection rules from an `.ndjson` file, including actions and + exception lists. The request must include: + + - The `Content-Type: multipart/form-data` HTTP header. + + - A link to the `.ndjson` file containing the rules. + operationId: ImportRules + parameters: + - description: >- + Determines whether existing rules with the same `rule_id` are + overwritten. + in: query + name: overwrite + required: false + schema: + default: false + type: boolean + - description: >- + Determines whether existing exception lists with the same `list_id` + are overwritten. + in: query + name: overwrite_exceptions + required: false + schema: + default: false + type: boolean + - description: >- + Determines whether existing actions with the same + `kibana.alert.rule.actions.id` are overwritten. + in: query + name: overwrite_action_connectors + required: false + schema: + default: false + type: boolean + - description: Generates a new list ID for each imported exception list. + in: query + name: as_new_list + required: false + schema: + default: false + type: boolean + requestBody: + content: + multipart/form-data; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + file: + description: The `.ndjson` file containing the rules. + format: binary + type: string + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + type: object + properties: + action_connectors_errors: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_ErrorSchema + type: array + action_connectors_success: + type: boolean + action_connectors_success_count: + minimum: 0 + type: integer + action_connectors_warnings: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_WarningSchema + type: array + errors: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_ErrorSchema + type: array + exceptions_errors: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_ErrorSchema + type: array + exceptions_success: + type: boolean + exceptions_success_count: + minimum: 0 + type: integer + rules_count: + minimum: 0 + type: integer + success: + type: boolean + success_count: + minimum: 0 + type: integer + required: + - exceptions_success + - exceptions_success_count + - exceptions_errors + - rules_count + - success + - success_count + - errors + - action_connectors_errors + - action_connectors_warnings + - action_connectors_success + - action_connectors_success_count + description: Indicates a successful call. + summary: Import detection rules + tags: + - Security Solution Detections API + - Import/Export API + /api/detection_engine/rules/{id}/exceptions: + post: + description: Create exception items that apply to a single detection rule. + operationId: CreateRuleExceptionListItems + parameters: + - description: Detection rule's identifier + in: path + name: id + required: true + schema: + $ref: '#/components/schemas/Security_Solution_Exceptions_API_RuleId' + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + items: + items: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_CreateRuleExceptionListItemProps + type: array + required: + - items + description: Rule exception list items + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + items: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListItem + type: array + description: Successful response + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + oneOf: + - $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_PlatformErrorResponse + - $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_SiemErrorResponse + description: Invalid input data response + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_PlatformErrorResponse + description: Unsuccessful authentication response + '403': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_PlatformErrorResponse + description: Not enough privileges response + '500': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_SiemErrorResponse + description: Internal server error response + summary: Create rule exception list items + tags: + - Security Solution Exceptions API + /api/detection_engine/rules/prepackaged: + put: + description: Install and update all Elastic prebuilt detection rules and Timelines. + operationId: InstallPrebuiltRulesAndTimelines + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + type: object + properties: + rules_installed: + description: The number of rules installed + minimum: 0 + type: integer + rules_updated: + description: The number of rules updated + minimum: 0 + type: integer + timelines_installed: + description: The number of timelines installed + minimum: 0 + type: integer + timelines_updated: + description: The number of timelines updated + minimum: 0 + type: integer + required: + - rules_installed + - rules_updated + - timelines_installed + - timelines_updated + description: Indicates a successful call + summary: Install prebuilt detection rules and Timelines + tags: + - Security Solution Detections API + - Prebuilt Rules API + /api/detection_engine/rules/prepackaged/_status: + get: + description: >- + Retrieve the status of all Elastic prebuilt detection rules and + Timelines. + operationId: ReadPrebuiltRulesAndTimelinesStatus + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + type: object + properties: + rules_custom_installed: + description: The total number of custom rules + minimum: 0 + type: integer + rules_installed: + description: The total number of installed prebuilt rules + minimum: 0 + type: integer + rules_not_installed: + description: >- + The total number of available prebuilt rules that are not + installed + minimum: 0 + type: integer + rules_not_updated: + description: The total number of outdated prebuilt rules + minimum: 0 + type: integer + timelines_installed: + description: The total number of installed prebuilt timelines + minimum: 0 + type: integer + timelines_not_installed: + description: >- + The total number of available prebuilt timelines that are + not installed + minimum: 0 + type: integer + timelines_not_updated: + description: The total number of outdated prebuilt timelines + minimum: 0 + type: integer + required: + - rules_custom_installed + - rules_installed + - rules_not_installed + - rules_not_updated + - timelines_installed + - timelines_not_installed + - timelines_not_updated + description: Indicates a successful call + summary: Retrieve the status of prebuilt detection rules and Timelines + tags: + - Security Solution Detections API + - Prebuilt Rules API + /api/detection_engine/rules/preview: + post: + operationId: RulePreview + parameters: + - description: >- + Enables logging and returning in response ES queries, performed + during rule execution + in: query + name: enable_logged_requests + required: false + schema: + type: boolean + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + anyOf: + - allOf: + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_EqlRuleCreateProps + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_RulePreviewParams + - allOf: + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_QueryRuleCreateProps + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_RulePreviewParams + - allOf: + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedQueryRuleCreateProps + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_RulePreviewParams + - allOf: + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_ThresholdRuleCreateProps + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_RulePreviewParams + - allOf: + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_ThreatMatchRuleCreateProps + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_RulePreviewParams + - allOf: + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_MachineLearningRuleCreateProps + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_RulePreviewParams + - allOf: + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_NewTermsRuleCreateProps + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_RulePreviewParams + - allOf: + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_EsqlRuleCreateProps + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_RulePreviewParams + discriminator: + propertyName: type + description: >- + An object containing tags to add or remove and alert ids the changes + will be applied + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + isAborted: + type: boolean + logs: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RulePreviewLogs + type: array + previewId: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_NonEmptyString + required: + - logs + description: Successful response + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + oneOf: + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_PlatformErrorResponse + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_SiemErrorResponse + description: Invalid input data response + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_PlatformErrorResponse + description: Unsuccessful authentication response + '500': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SiemErrorResponse + description: Internal server error response + summary: Preview rule alerts generated on specified time range + tags: + - Security Solution Detections API + - Rule preview API + /api/detection_engine/signals/assignees: + post: + description: | + Assign users to detection alerts, and unassign them from alerts. + > info + > You cannot add and remove the same assignee in the same request. + operationId: SetAlertAssignees + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + assignees: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertAssignees + description: Details about the assignees to assign and unassign. + ids: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertIds + description: List of alerts ids to assign and unassign passed assignees. + required: + - assignees + - ids + required: true + responses: + '200': + description: Indicates a successful call. + '400': + description: Invalid request. + summary: Assign and unassign users from detection alerts + tags: + - Security Solution Detections API + /api/detection_engine/signals/finalize_migration: + post: + description: > + Finalize successful migrations of detection alerts. This replaces the + original index's alias with the successfully migrated index's alias. + + The endpoint is idempotent; therefore, it can safely be used to poll a + given migration and, upon completion, + + finalize it. + operationId: FinalizeAlertsMigration + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + migration_ids: + items: + type: string + minItems: 1 + type: array + required: + - migration_ids + description: Array of `migration_id`s to finalize + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_MigrationFinalizationResult + type: array + description: Successful response + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + oneOf: + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_PlatformErrorResponse + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_SiemErrorResponse + description: Invalid input data response + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_PlatformErrorResponse + description: Unsuccessful authentication response + '500': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SiemErrorResponse + description: Internal server error response + summary: Finalize detection alert migrations + tags: + - Security Solution Detections API + - Alerts migration API + /api/detection_engine/signals/migration: + delete: + description: > + Migrations favor data integrity over shard size. Consequently, unused or + orphaned indices are artifacts of + + the migration process. A successful migration will result in both the + old and new indices being present. + + As such, the old, orphaned index can (and likely should) be deleted. + + + While you can delete these indices manually, + + the endpoint accomplishes this task by applying a deletion policy to the + relevant index, causing it to be deleted + + after 30 days. It also deletes other artifacts specific to the migration + implementation. + operationId: AlertsMigrationCleanup + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + migration_ids: + items: + type: string + minItems: 1 + type: array + required: + - migration_ids + description: Array of `migration_id`s to cleanup + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_MigrationCleanupResult + type: array + description: Successful response + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + oneOf: + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_PlatformErrorResponse + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_SiemErrorResponse + description: Invalid input data response + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_PlatformErrorResponse + description: Unsuccessful authentication response + '500': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SiemErrorResponse + description: Internal server error response + summary: Clean up detection alert migrations + tags: + - Security Solution Detections API + - Alerts migration API + post: + description: > + Initiate a migration of detection alerts. + + Migrations are initiated per index. While the process is neither + destructive nor interferes with existing data, it may be + resource-intensive. As such, it is recommended that you plan your + migrations accordingly. + operationId: CreateAlertsMigration + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + allOf: + - type: object + properties: + index: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_NonEmptyString + minItems: 1 + type: array + required: + - index + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertsReindexOptions + description: Alerts migration parameters + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + indices: + items: + oneOf: + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertsIndexMigrationSuccess + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertsIndexMigrationError + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_SkippedAlertsIndexMigration + type: array + required: + - indices + description: Successful response + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + oneOf: + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_PlatformErrorResponse + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_SiemErrorResponse + description: Invalid input data response + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_PlatformErrorResponse + description: Unsuccessful authentication response + '500': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SiemErrorResponse + description: Internal server error response + summary: Initiate a detection alert migration + tags: + - Security Solution Detections API + - Alerts migration API + /api/detection_engine/signals/migration_status: + post: + description: >- + Retrieve indices that contain detection alerts of a particular age, + along with migration information for each of those indices. + operationId: ReadAlertsMigrationStatus + parameters: + - description: Maximum age of qualifying detection alerts + in: query + name: from + required: true + schema: + description: > + Time from which data is analyzed. For example, now-4200s means the + rule analyzes data from 70 minutes + + before its start time. Defaults to now-6m (analyzes data from 6 + minutes before the start time). + format: date-math + type: string + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + indices: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_IndexMigrationStatus + type: array + required: + - indices + description: Successful response + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + oneOf: + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_PlatformErrorResponse + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_SiemErrorResponse + description: Invalid input data response + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_PlatformErrorResponse + description: Unsuccessful authentication response + '500': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SiemErrorResponse + description: Internal server error response + summary: Retrieve the status of detection alert migrations + tags: + - Security Solution Detections API + - Alerts migration API + /api/detection_engine/signals/search: + post: + description: Find and/or aggregate detection alerts that match the given query. + operationId: SearchAlerts + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + description: Elasticsearch query and aggregation request + type: object + properties: + _source: + oneOf: + - type: boolean + - type: string + - items: + type: string + type: array + aggs: + additionalProperties: true + type: object + fields: + items: + type: string + type: array + query: + additionalProperties: true + type: object + runtime_mappings: + additionalProperties: true + type: object + size: + minimum: 0 + type: integer + sort: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertsSort + track_total_hits: + type: boolean + description: Search and/or aggregation query + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: true + description: Elasticsearch search response + type: object + description: Successful response + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + oneOf: + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_PlatformErrorResponse + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_SiemErrorResponse + description: Invalid input data response + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_PlatformErrorResponse + description: Unsuccessful authentication response + '500': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SiemErrorResponse + description: Internal server error response + summary: Find and/or aggregate detection alerts + tags: + - Security Solution Detections API + - Alerts API + /api/detection_engine/signals/status: + post: + description: Set the status of one or more detection alerts. + operationId: SetAlertsStatus + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + oneOf: + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_SetAlertsStatusByIds + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_SetAlertsStatusByQuery + description: >- + An object containing desired status and explicit alert ids or a query + to select alerts + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: true + description: Elasticsearch update by query response + type: object + description: Successful response + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + oneOf: + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_PlatformErrorResponse + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_SiemErrorResponse + description: Invalid input data response + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_PlatformErrorResponse + description: Unsuccessful authentication response + '500': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SiemErrorResponse + description: Internal server error response + summary: Set a detection alert status + tags: + - Security Solution Detections API + - Alerts API + /api/detection_engine/signals/tags: + post: + description: | + And tags to detection alerts, and remove them from alerts. + > info + > You cannot add and remove the same alert tag in the same request. + operationId: SetAlertTags + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + ids: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertIds + tags: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SetAlertTags + required: + - ids + - tags + description: >- + An object containing tags to add or remove and alert ids the changes + will be applied + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: true + description: Elasticsearch update by query response + type: object + description: Successful response + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + oneOf: + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_PlatformErrorResponse + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_SiemErrorResponse + description: Invalid input data response + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_PlatformErrorResponse + description: Unsuccessful authentication response + '500': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SiemErrorResponse + description: Internal server error response + summary: Add and remove detection alert tags + tags: + - Security Solution Detections API + - Alerts API + /api/detection_engine/tags: + get: + description: List all unique tags from all detection rules. + operationId: ReadTags + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleTagArray + description: Indicates a successful call + summary: List all detection rule tags + tags: + - Security Solution Detections API + - Tags API + /api/encrypted_saved_objects/_rotate_key: + post: + description: > + Superuser role required. + + + If a saved object cannot be decrypted using the primary encryption key, + then Kibana will attempt to decrypt it using the specified + decryption-only keys. In most of the cases this overhead is negligible, + but if you're dealing with a large number of saved objects and + experiencing performance issues, you may want to rotate the encryption + key. + + + This functionality is in technical preview and may be changed or removed + in a future release. Elastic will work to fix any issues, but features + in technical preview are not subject to the support SLA of official GA + features. + operationId: rotateEncryptionKey + parameters: + - description: > + Specifies a maximum number of saved objects that Kibana can process + in a single batch. Bulk key rotation is an iterative process since + Kibana may not be able to fetch and process all required saved + objects in one go and splits processing into consequent batches. By + default, the batch size is 10000, which is also a maximum allowed + value. + in: query + name: batch_size + required: false + schema: + default: 10000 + type: number + - description: > + Limits encryption key rotation only to the saved objects with the + specified type. By default, Kibana tries to rotate the encryption + key for all saved object types that may contain encrypted + attributes. + in: query + name: type + required: false + schema: + type: string + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + examples: + rotateEncryptionKeyResponse: + $ref: '#/components/examples/Saved_objects_key_rotation_response' + schema: + type: object + properties: + failed: + description: > + Indicates the number of the saved objects that were still + encrypted with one of the old encryption keys that Kibana + failed to re-encrypt with the primary key. + type: number + successful: + description: > + Indicates the total number of all encrypted saved objects + (optionally filtered by the requested `type`), regardless + of the key Kibana used for encryption. + + + NOTE: In most cases, `total` will be greater than + `successful` even if `failed` is zero. The reason is that + Kibana may not need or may not be able to rotate + encryption keys for all encrypted saved objects. + type: number + total: + description: > + Indicates the total number of all encrypted saved objects + (optionally filtered by the requested `type`), regardless + of the key Kibana used for encryption. + type: number + description: Indicates a successful call. + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Saved_objects_400_response' + description: Bad request + '429': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + description: Already in progress. + summary: Rotate a key for encrypted saved objects + tags: + - saved objects + /api/endpoint_list: + post: + description: >- + Create an endpoint exception list, which groups endpoint exception list + items. If an endpoint exception list already exists, an empty response + is returned. + operationId: CreateEndpointList + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_EndpointList + description: Successful response + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + oneOf: + - $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_PlatformErrorResponse + - $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_SiemErrorResponse + description: Invalid input data + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_PlatformErrorResponse + description: Unsuccessful authentication + '403': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_PlatformErrorResponse + description: Insufficient privileges + '500': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_SiemErrorResponse + description: Internal server error + summary: Create an endpoint exception list + tags: + - Security Solution Endpoint Exceptions API + /api/endpoint_list/items: + delete: + description: >- + Delete an endpoint exception list item using the `id` or `item_id` + field. + operationId: DeleteEndpointListItem + parameters: + - description: Either `id` or `item_id` must be specified + in: query + name: id + required: false + schema: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_ExceptionListItemId + - description: Either `id` or `item_id` must be specified + in: query + name: item_id + required: false + schema: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_ExceptionListItemHumanId + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_EndpointListItem + description: Successful response + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + oneOf: + - $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_PlatformErrorResponse + - $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_SiemErrorResponse + description: Invalid input data + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_PlatformErrorResponse + description: Unsuccessful authentication + '403': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_PlatformErrorResponse + description: Insufficient privileges + '404': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_SiemErrorResponse + description: Endpoint list item not found + '500': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_SiemErrorResponse + description: Internal server error + summary: Delete an endpoint exception list item + tags: + - Security Solution Endpoint Exceptions API + get: + description: >- + Get the details of an endpoint exception list item using the `id` or + `item_id` field. + operationId: ReadEndpointListItem + parameters: + - description: Either `id` or `item_id` must be specified + in: query + name: id + required: false + schema: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_ExceptionListItemId + - description: Either `id` or `item_id` must be specified + in: query + name: item_id + required: false + schema: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_ExceptionListItemHumanId + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + items: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_EndpointListItem + type: array + description: Successful response + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + oneOf: + - $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_PlatformErrorResponse + - $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_SiemErrorResponse + description: Invalid input data + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_PlatformErrorResponse + description: Unsuccessful authentication + '403': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_PlatformErrorResponse + description: Insufficient privileges + '404': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_SiemErrorResponse + description: Endpoint list item not found + '500': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_SiemErrorResponse + description: Internal server error + summary: Get an endpoint exception list item + tags: + - Security Solution Endpoint Exceptions API + post: + description: >- + Create an endpoint exception list item, and associate it with the + endpoint exception list. + operationId: CreateEndpointListItem + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + comments: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_ExceptionListItemCommentArray + default: [] + description: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_ExceptionListItemDescription + entries: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_ExceptionListItemEntryArray + item_id: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_ExceptionListItemHumanId + meta: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_ExceptionListItemMeta + name: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_ExceptionListItemName + os_types: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_ExceptionListItemOsTypeArray + default: [] + tags: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_ExceptionListItemTags + default: [] + type: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_ExceptionListItemType + required: + - type + - name + - description + - entries + description: Exception list item's properties + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_EndpointListItem + description: Successful response + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + oneOf: + - $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_PlatformErrorResponse + - $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_SiemErrorResponse + description: Invalid input data + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_PlatformErrorResponse + description: Unsuccessful authentication + '403': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_PlatformErrorResponse + description: Insufficient privileges + '409': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_SiemErrorResponse + description: Endpoint list item already exists + '500': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_SiemErrorResponse + description: Internal server error + summary: Create an endpoint exception list item + tags: + - Security Solution Endpoint Exceptions API + put: + description: >- + Update an endpoint exception list item using the `id` or `item_id` + field. + operationId: UpdateEndpointListItem + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + _version: + type: string + comments: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_ExceptionListItemCommentArray + default: [] + description: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_ExceptionListItemDescription + entries: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_ExceptionListItemEntryArray + id: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_ExceptionListItemId + description: Either `id` or `item_id` must be specified + item_id: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_ExceptionListItemHumanId + description: Either `id` or `item_id` must be specified + meta: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_ExceptionListItemMeta + name: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_ExceptionListItemName + os_types: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_ExceptionListItemOsTypeArray + default: [] + tags: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_ExceptionListItemTags + type: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_ExceptionListItemType + required: + - type + - name + - description + - entries + description: Exception list item's properties + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_EndpointListItem + description: Successful response + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + oneOf: + - $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_PlatformErrorResponse + - $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_SiemErrorResponse + description: Invalid input data + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_PlatformErrorResponse + description: Unsuccessful authentication + '403': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_PlatformErrorResponse + description: Insufficient privileges + '404': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_SiemErrorResponse + description: Endpoint list item not found + '500': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_SiemErrorResponse + description: Internal server error + summary: Update an endpoint exception list item + tags: + - Security Solution Endpoint Exceptions API + /api/endpoint_list/items/_find: + get: + description: Get a list of all endpoint exception list items. + operationId: FindEndpointListItems + parameters: + - description: > + Filters the returned results according to the value of the specified + field, + + using the `:` syntax. + in: query + name: filter + required: false + schema: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_FindEndpointListItemsFilter + - description: The page number to return + in: query + name: page + required: false + schema: + minimum: 0 + type: integer + - description: The number of exception list items to return per page + in: query + name: per_page + required: false + schema: + minimum: 0 + type: integer + - description: Determines which field is used to sort the results + in: query + name: sort_field + required: false + schema: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_NonEmptyString + - description: Determines the sort order, which can be `desc` or `asc` + in: query + name: sort_order + required: false + schema: + enum: + - desc + - asc + type: string + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + data: + items: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_EndpointListItem + type: array + page: + minimum: 0 + type: integer + per_page: + minimum: 0 + type: integer + pit: + type: string + total: + minimum: 0 + type: integer + required: + - data + - page + - per_page + - total + description: Successful response + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + oneOf: + - $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_PlatformErrorResponse + - $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_SiemErrorResponse + description: Invalid input data + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_PlatformErrorResponse + description: Unsuccessful authentication + '403': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_PlatformErrorResponse + description: Insufficient privileges + '404': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_SiemErrorResponse + description: Endpoint list not found + '500': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_SiemErrorResponse + description: Internal server error + summary: Get endpoint exception list items + tags: + - Security Solution Endpoint Exceptions API + /api/endpoint/action: + get: + description: Get a list of all response actions. + operationId: EndpointGetActionsList + parameters: + - in: query + name: query + required: true + schema: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_GetEndpointActionListRouteQuery + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_SuccessResponse + description: OK + summary: Get response actions + tags: + - Security Solution Endpoint Management API + /api/endpoint/action_log/{agent_id}: + get: + deprecated: true + description: Get an action request log for the specified agent ID. + operationId: EndpointGetActionLog + parameters: + - in: path + name: agent_id + required: true + schema: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_AgentId + - in: query + name: query + required: true + schema: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_ActionLogRequestQuery + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_SuccessResponse + description: OK + summary: Get an action request log + tags: + - Security Solution Endpoint Management API + /api/endpoint/action_status: + get: + description: Get the status of response actions for the specified agent IDs. + operationId: EndpointGetActionsStatus + parameters: + - in: query + name: query + required: true + schema: + type: object + properties: + agent_ids: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_AgentIds + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_ActionStatusSuccessResponse + description: OK + summary: Get response actions status + tags: + - Security Solution Endpoint Management API + /api/endpoint/action/{action_id}: + get: + description: Get the details of a response action using the action ID. + operationId: EndpointGetActionsDetails + parameters: + - in: path + name: action_id + required: true + schema: + type: string + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_SuccessResponse + description: OK + summary: Get action details + tags: + - Security Solution Endpoint Management API + /api/endpoint/action/{action_id}/file/{file_id}: + get: + description: Get information for the specified file using the file ID. + operationId: EndpointFileInfo + parameters: + - in: path + name: action_id + required: true + schema: + type: string + - in: path + name: file_id + required: true + schema: + type: string + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_SuccessResponse + description: OK + summary: Get file information + tags: + - Security Solution Endpoint Management API + /api/endpoint/action/{action_id}/file/{file_id}/download: + get: + description: Download a file from an endpoint. + operationId: EndpointFileDownload + parameters: + - in: path + name: action_id + required: true + schema: + type: string + - in: path + name: file_id + required: true + schema: + type: string + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_SuccessResponse + description: OK + summary: Download a file + tags: + - Security Solution Endpoint Management API + /api/endpoint/action/execute: + post: + description: Run a shell command on an endpoint. + operationId: EndpointExecuteAction + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_ExecuteRouteRequestBody + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_SuccessResponse + description: OK + summary: Run a command + tags: + - Security Solution Endpoint Management API + /api/endpoint/action/get_file: + post: + description: Get a file from an endpoint. + operationId: EndpointGetFileAction + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_GetFileRouteRequestBody + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_SuccessResponse + description: OK + summary: Get a file + tags: + - Security Solution Endpoint Management API + /api/endpoint/action/isolate: + post: + description: >- + Isolate an endpoint from the network. The endpoint remains isolated + until it's released. + operationId: EndpointIsolateAction + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_IsolateRouteRequestBody + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_SuccessResponse + description: OK + summary: Isolate an endpoint + tags: + - Security Solution Endpoint Management API + /api/endpoint/action/kill_process: + post: + description: Terminate a running process on an endpoint. + operationId: EndpointKillProcessAction + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_KillProcessRouteRequestBody + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_SuccessResponse + description: OK + summary: Terminate a process + tags: + - Security Solution Endpoint Management API + /api/endpoint/action/running_procs: + post: + description: Get a list of all processes running on an endpoint. + operationId: EndpointGetProcessesAction + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_GetProcessesRouteRequestBody + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_SuccessResponse + description: OK + summary: Get running processes + tags: + - Security Solution Endpoint Management API + /api/endpoint/action/scan: + post: + description: Scan a specific file or directory on an endpoint for malware. + operationId: EndpointScanAction + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_ScanRouteRequestBody + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_SuccessResponse + description: OK + summary: Scan a file or directory + tags: + - Security Solution Endpoint Management API + /api/endpoint/action/state: + get: + description: >- + Get a response actions state, which reports whether encryption is + enabled. + operationId: EndpointGetActionsState + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_ActionStateSuccessResponse + description: OK + summary: Get actions state + tags: + - Security Solution Endpoint Management API + /api/endpoint/action/suspend_process: + post: + description: Suspend a running process on an endpoint. + operationId: EndpointSuspendProcessAction + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_SuspendProcessRouteRequestBody + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_SuccessResponse + description: OK + summary: Suspend a process + tags: + - Security Solution Endpoint Management API + /api/endpoint/action/unisolate: + post: + description: Release an isolated endpoint, allowing it to rejoin a network. + operationId: EndpointUnisolateAction + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_UnisolateRouteRequestBody + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_SuccessResponse + description: OK + summary: Release an isolated endpoint + tags: + - Security Solution Endpoint Management API + /api/endpoint/action/upload: + post: + description: Upload a file to an endpoint. + operationId: EndpointUploadAction + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_UploadRouteRequestBody + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_SuccessResponse + description: OK + summary: Upload a file + tags: + - Security Solution Endpoint Management API + /api/endpoint/isolate: + post: + deprecated: true + description: > + Isolate an endpoint from the network. + + > info + + > This URL will return a 308 permanent redirect to `POST :/api/endpoint/action/isolate`. + operationId: EndpointIsolateRedirect + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + agent_type: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_AgentTypes + alert_ids: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_AlertIds + case_ids: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_CaseIds + comment: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_Comment + endpoint_ids: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_EndpointIds + parameters: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_Parameters + required: + - endpoint_ids + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_SuccessResponse + description: OK + '308': + description: Permanent Redirect + headers: + Location: + description: Permanently redirects to "/api/endpoint/action/isolate" + schema: + example: /api/endpoint/action/isolate + type: string + summary: Isolate an endpoint + tags: + - Security Solution Endpoint Management API + /api/endpoint/metadata: + get: + operationId: GetEndpointMetadataList + parameters: + - in: query + name: query + required: true + schema: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_ListRequestQuery + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_SuccessResponse + description: OK + summary: Get a metadata list + tags: + - Security Solution Endpoint Management API + /api/endpoint/metadata/{id}: + get: + operationId: GetEndpointMetadata + parameters: + - in: path + name: id + required: true + schema: + type: string + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_SuccessResponse + description: OK + summary: Get metadata + tags: + - Security Solution Endpoint Management API + /api/endpoint/metadata/transforms: + get: + operationId: GetEndpointMetadataTransform + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_SuccessResponse + description: OK + summary: Get metadata transforms + tags: + - Security Solution Endpoint Management API + /api/endpoint/policy_response: + get: + operationId: GetPolicyResponse + parameters: + - in: query + name: query + required: true + schema: + type: object + properties: + agentId: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_AgentId + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_SuccessResponse + description: OK + summary: Get a policy response + tags: + - Security Solution Endpoint Management API + /api/endpoint/policy/summaries: + get: + deprecated: true + operationId: GetAgentPolicySummary + parameters: + - in: query + name: query + required: true + schema: + type: object + properties: + package_name: + type: string + policy_id: + nullable: true + type: string + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_SuccessResponse + description: OK + summary: Get an agent policy summary + tags: + - Security Solution Endpoint Management API + /api/endpoint/protection_updates_note/{package_policy_id}: + get: + operationId: GetProtectionUpdatesNote + parameters: + - in: path + name: package_policy_id + required: true + schema: + type: string + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_ProtectionUpdatesNoteResponse + description: OK + summary: Get a protection updates note + tags: + - Security Solution Endpoint Management API + post: + operationId: CreateUpdateProtectionUpdatesNote + parameters: + - in: path + name: package_policy_id + required: true + schema: + type: string + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + note: + type: string + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_ProtectionUpdatesNoteResponse + description: OK + summary: Create or update a protection updates note + tags: + - Security Solution Endpoint Management API + /api/endpoint/suggestions/{suggestion_type}: + post: + operationId: GetEndpointSuggestions + parameters: + - in: path + name: suggestion_type + required: true + schema: + enum: + - eventFilters + type: string + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + field: + type: string + fieldMeta: {} + filters: {} + query: + type: string + required: + - parameters + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_SuccessResponse + description: OK + summary: Get suggestions + tags: + - Security Solution Endpoint Management API + /api/endpoint/unisolate: + post: + deprecated: true + description: > + Release an isolated endpoint, allowing it to rejoin a network. + + > info + + > This URL will return a 308 permanent redirect to `POST :/api/endpoint/action/unisolate`. + operationId: EndpointUnisolateRedirect + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + agent_type: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_AgentTypes + alert_ids: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_AlertIds + case_ids: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_CaseIds + comment: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_Comment + endpoint_ids: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_EndpointIds + parameters: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_Parameters + required: + - endpoint_ids + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_SuccessResponse + description: OK + '308': + description: Permanent Redirect + headers: + Location: + description: Permanently redirects to "/api/endpoint/action/unisolate" + schema: + example: /api/endpoint/action/unisolate + type: string + summary: Release an isolated endpoint + tags: + - Security Solution Endpoint Management API + /api/entity_store/engines: + get: + operationId: ListEntityStoreEngines + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + count: + type: integer + engines: + items: + $ref: >- + #/components/schemas/Security_Solution_Entity_Analytics_API_EngineDescriptor + type: array + description: Successful response + summary: List the Entity Store engines + tags: + - Security Solution Entity Analytics API + /api/entity_store/engines/{entityType}: + delete: + operationId: DeleteEntityStore + parameters: + - description: The entity type of the store (either 'user' or 'host'). + in: path + name: entityType + required: true + schema: + $ref: >- + #/components/schemas/Security_Solution_Entity_Analytics_API_EntityType + - description: Control flag to also delete the entity data. + in: query + name: data + required: false + schema: + type: boolean + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + deleted: + type: boolean + description: Successful response + summary: Delete the Entity Store engine + tags: + - Security Solution Entity Analytics API + get: + operationId: GetEntityStoreEngine + parameters: + - description: The entity type of the store (either 'user' or 'host'). + in: path + name: entityType + required: true + schema: + $ref: >- + #/components/schemas/Security_Solution_Entity_Analytics_API_EntityType + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Entity_Analytics_API_EngineDescriptor + description: Successful response + summary: Get the Entity Store engine + tags: + - Security Solution Entity Analytics API + /api/entity_store/engines/{entityType}/init: + post: + operationId: InitEntityStore + parameters: + - description: The entity type of the store (either 'user' or 'host'). + in: path + name: entityType + required: true + schema: + $ref: >- + #/components/schemas/Security_Solution_Entity_Analytics_API_EntityType + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + filter: + type: string + indexPattern: + $ref: >- + #/components/schemas/Security_Solution_Entity_Analytics_API_IndexPattern + description: Schema for the engine initialization + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Entity_Analytics_API_EngineDescriptor + description: Successful response + summary: Initialize the Entity Store + tags: + - Security Solution Entity Analytics API + /api/entity_store/engines/{entityType}/start: + post: + operationId: StartEntityStore + parameters: + - description: The entity type of the store (either 'user' or 'host'). + in: path + name: entityType + required: true + schema: + $ref: >- + #/components/schemas/Security_Solution_Entity_Analytics_API_EntityType + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + started: + type: boolean + description: Successful response + summary: Start the Entity Store engine + tags: + - Security Solution Entity Analytics API + /api/entity_store/engines/{entityType}/stats: + post: + operationId: GetEntityStoreStats + parameters: + - description: The entity type of the store (either 'user' or 'host'). + in: path + name: entityType + required: true + schema: + $ref: >- + #/components/schemas/Security_Solution_Entity_Analytics_API_EntityType + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + indexPattern: + $ref: >- + #/components/schemas/Security_Solution_Entity_Analytics_API_IndexPattern + indices: + items: + type: object + type: array + status: + $ref: >- + #/components/schemas/Security_Solution_Entity_Analytics_API_EngineStatus + transforms: + items: + type: object + type: array + type: + $ref: >- + #/components/schemas/Security_Solution_Entity_Analytics_API_EntityType + description: Successful response + summary: Get the Entity Store engine stats + tags: + - Security Solution Entity Analytics API + /api/entity_store/engines/{entityType}/stop: + post: + operationId: StopEntityStore + parameters: + - description: The entity type of the store (either 'user' or 'host'). + in: path + name: entityType + required: true + schema: + $ref: >- + #/components/schemas/Security_Solution_Entity_Analytics_API_EntityType + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + stopped: + type: boolean + description: Successful response + summary: Stop the Entity Store engine + tags: + - Security Solution Entity Analytics API + /api/entity_store/entities/list: + get: + description: List entities records, paging, sorting and filtering as needed. + operationId: ListEntities + parameters: + - in: query + name: sort_field + required: false + schema: + type: string + - in: query + name: sort_order + required: false + schema: + enum: + - asc + - desc + type: string + - in: query + name: page + required: false + schema: + minimum: 1 + type: integer + - in: query + name: per_page + required: false + schema: + maximum: 10000 + minimum: 1 + type: integer + - description: An ES query to filter by. + in: query + name: filterQuery + required: false + schema: + type: string + - in: query + name: entities_types + required: true + schema: + items: + $ref: >- + #/components/schemas/Security_Solution_Entity_Analytics_API_EntityType + type: array + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + inspect: + $ref: >- + #/components/schemas/Security_Solution_Entity_Analytics_API_InspectQuery + page: + minimum: 1 + type: integer + per_page: + maximum: 1000 + minimum: 1 + type: integer + records: + items: + $ref: >- + #/components/schemas/Security_Solution_Entity_Analytics_API_Entity + type: array + total: + minimum: 0 + type: integer + required: + - records + - page + - per_page + - total + description: Entities returned successfully + summary: List Entity Store Entities + tags: + - Security Solution Entity Analytics API + /api/exception_lists: + delete: + description: Delete an exception list using the `id` or `list_id` field. + operationId: DeleteExceptionList + parameters: + - description: Either `id` or `list_id` must be specified + in: query + name: id + required: false + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListId + - description: Either `id` or `list_id` must be specified + in: query + name: list_id + required: false + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListHumanId + - in: query + name: namespace_type + required: false + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionNamespaceType + default: single + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionList + description: Successful response + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + oneOf: + - $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_PlatformErrorResponse + - $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_SiemErrorResponse + description: Invalid input data response + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_PlatformErrorResponse + description: Unsuccessful authentication response + '403': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_PlatformErrorResponse + description: Not enough privileges response + '404': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_SiemErrorResponse + description: Exception list not found response + '500': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_SiemErrorResponse + description: Internal server error response + summary: Delete an exception list + tags: + - Security Solution Exceptions API + get: + description: Get the details of an exception list using the `id` or `list_id` field. + operationId: ReadExceptionList + parameters: + - description: Either `id` or `list_id` must be specified + in: query + name: id + required: false + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListId + - description: Either `id` or `list_id` must be specified + in: query + name: list_id + required: false + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListHumanId + - in: query + name: namespace_type + required: false + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionNamespaceType + default: single + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionList + description: Successful response + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + oneOf: + - $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_PlatformErrorResponse + - $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_SiemErrorResponse + description: Invalid input data response + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_PlatformErrorResponse + description: Unsuccessful authentication response + '403': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_PlatformErrorResponse + description: Not enough privileges response + '404': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_SiemErrorResponse + description: Exception list item not found response + '500': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_SiemErrorResponse + description: Internal server error response + summary: Get exception list details + tags: + - Security Solution Exceptions API + post: + description: > + An exception list groups exception items and can be associated with + detection rules. You can assign detection rules with multiple exception + lists. + + > info + + > All exception items added to the same list are evaluated using `OR` + logic. That is, if any of the items in a list evaluate to `true`, the + exception prevents the rule from generating an alert. Likewise, `OR` + logic is used for evaluating exceptions when more than one exception + list is assigned to a rule. To use the `AND` operator, you can define + multiple clauses (`entries`) in a single exception item. + operationId: CreateExceptionList + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + description: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListDescription + list_id: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListHumanId + meta: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListMeta + name: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListName + namespace_type: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionNamespaceType + default: single + os_types: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListOsTypeArray + tags: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListTags + default: [] + type: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListType + version: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListVersion + default: 1 + required: + - name + - description + - type + description: Exception list's properties + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionList + description: Successful response + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + oneOf: + - $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_PlatformErrorResponse + - $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_SiemErrorResponse + description: Invalid input data response + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_PlatformErrorResponse + description: Unsuccessful authentication response + '403': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_PlatformErrorResponse + description: Not enough privileges response + '409': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_SiemErrorResponse + description: Exception list already exists response + '500': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_SiemErrorResponse + description: Internal server error response + summary: Create an exception list + tags: + - Security Solution Exceptions API + put: + description: Update an exception list using the `id` or `list_id` field. + operationId: UpdateExceptionList + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + _version: + type: string + description: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListDescription + id: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListId + list_id: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListHumanId + meta: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListMeta + name: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListName + namespace_type: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionNamespaceType + default: single + os_types: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListOsTypeArray + default: [] + tags: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListTags + type: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListType + version: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListVersion + required: + - name + - description + - type + description: Exception list's properties + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionList + description: Successful response + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + oneOf: + - $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_PlatformErrorResponse + - $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_SiemErrorResponse + description: Invalid input data response + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_PlatformErrorResponse + description: Unsuccessful authentication response + '403': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_PlatformErrorResponse + description: Not enough privileges response + '404': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_SiemErrorResponse + description: Exception list not found response + '500': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_SiemErrorResponse + description: Internal server error response + summary: Update an exception list + tags: + - Security Solution Exceptions API + /api/exception_lists/_duplicate: + post: + description: Duplicate an existing exception list. + operationId: DuplicateExceptionList + parameters: + - description: Exception list's human identifier + in: query + name: list_id + required: true + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListHumanId + - in: query + name: namespace_type + required: true + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionNamespaceType + - description: >- + Determines whether to include expired exceptions in the exported + list + in: query + name: include_expired_exceptions + required: true + schema: + default: 'true' + enum: + - 'true' + - 'false' + type: string + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionList + description: Successful response + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + oneOf: + - $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_PlatformErrorResponse + - $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_SiemErrorResponse + description: Invalid input data response + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_PlatformErrorResponse + description: Unsuccessful authentication response + '403': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_PlatformErrorResponse + description: Not enough privileges response + '405': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_SiemErrorResponse + description: Exception list to duplicate not found response + '500': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_SiemErrorResponse + description: Internal server error response + summary: Duplicate an exception list + tags: + - Security Solution Exceptions API + /api/exception_lists/_export: + post: + description: Export an exception list and its associated items to an NDJSON file. + operationId: ExportExceptionList + parameters: + - description: Exception list's identifier + in: query + name: id + required: true + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListId + - description: Exception list's human identifier + in: query + name: list_id + required: true + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListHumanId + - in: query + name: namespace_type + required: true + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionNamespaceType + - description: >- + Determines whether to include expired exceptions in the exported + list + in: query + name: include_expired_exceptions + required: true + schema: + default: 'true' + enum: + - 'true' + - 'false' + type: string + responses: + '200': + content: + application/ndjson; Elastic-Api-Version=2023-10-31: + schema: + description: >- + A `.ndjson` file containing specified exception list and its + items + format: binary + type: string + description: Successful response + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + oneOf: + - $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_PlatformErrorResponse + - $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_SiemErrorResponse + description: Invalid input data response + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_PlatformErrorResponse + description: Unsuccessful authentication response + '403': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_PlatformErrorResponse + description: Not enough privileges response + '404': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_SiemErrorResponse + description: Exception list not found response + '500': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_SiemErrorResponse + description: Internal server error response + summary: Export an exception list + tags: + - Security Solution Exceptions API + /api/exception_lists/_find: + get: + description: Get a list of all exception lists. + operationId: FindExceptionLists + parameters: + - description: > + Filters the returned results according to the value of the specified + field. + + + Uses the `so type.field name:field` value syntax, where `so type` + can be: + + + - `exception-list`: Specify a space-aware exception list. + + - `exception-list-agnostic`: Specify an exception list that is + shared across spaces. + in: query + name: filter + required: false + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_FindExceptionListsFilter + - description: > + Determines whether the returned containers are Kibana associated + with a Kibana space + + or available in all spaces (`agnostic` or `single`) + in: query + name: namespace_type + required: false + schema: + default: + - single + items: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionNamespaceType + type: array + - description: The page number to return + in: query + name: page + required: false + schema: + minimum: 1 + type: integer + - description: The number of exception lists to return per page + in: query + name: per_page + required: false + schema: + minimum: 1 + type: integer + - description: Determines which field is used to sort the results + in: query + name: sort_field + required: false + schema: + type: string + - description: Determines the sort order, which can be `desc` or `asc` + in: query + name: sort_order + required: false + schema: + enum: + - desc + - asc + type: string + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + data: + items: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionList + type: array + page: + minimum: 1 + type: integer + per_page: + minimum: 1 + type: integer + total: + minimum: 0 + type: integer + required: + - data + - page + - per_page + - total + description: Successful response + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + oneOf: + - $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_PlatformErrorResponse + - $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_SiemErrorResponse + description: Invalid input data response + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_PlatformErrorResponse + description: Unsuccessful authentication response + '403': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_PlatformErrorResponse + description: Not enough privileges response + '500': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_SiemErrorResponse + description: Internal server error response + summary: Get exception lists + tags: + - Security Solution Exceptions API + /api/exception_lists/_import: + post: + description: Import an exception list and its associated items from an NDJSON file. + operationId: ImportExceptionList + parameters: + - description: > + Determines whether existing exception lists with the same `list_id` + are overwritten. + + If any exception items have the same `item_id`, those are also + overwritten. + in: query + name: overwrite + required: false + schema: + default: false + type: boolean + - in: query + name: overwrite_exceptions + required: false + schema: + default: false + type: boolean + - in: query + name: overwrite_action_connectors + required: false + schema: + default: false + type: boolean + - description: > + Determines whether the list being imported will have a new `list_id` + generated. + + Additional `item_id`'s are generated for each exception item. Both + the exception + + list and its items are overwritten. + in: query + name: as_new_list + required: false + schema: + default: false + type: boolean + requestBody: + content: + multipart/form-data; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + file: + description: A `.ndjson` file containing the exception list + format: binary + type: string + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + errors: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListsImportBulkErrorArray + success: + type: boolean + success_count: + minimum: 0 + type: integer + success_count_exception_list_items: + minimum: 0 + type: integer + success_count_exception_lists: + minimum: 0 + type: integer + success_exception_list_items: + type: boolean + success_exception_lists: + type: boolean + required: + - errors + - success + - success_count + - success_exception_lists + - success_count_exception_lists + - success_exception_list_items + - success_count_exception_list_items + description: Successful response + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + oneOf: + - $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_PlatformErrorResponse + - $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_SiemErrorResponse + description: Invalid input data response + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_PlatformErrorResponse + description: Unsuccessful authentication response + '403': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_PlatformErrorResponse + description: Not enough privileges response + '500': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_SiemErrorResponse + description: Internal server error response + summary: Import an exception list + tags: + - Security Solution Exceptions API + /api/exception_lists/items: + delete: + description: Delete an exception list item using the `id` or `item_id` field. + operationId: DeleteExceptionListItem + parameters: + - description: Either `id` or `item_id` must be specified + in: query + name: id + required: false + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListItemId + - description: Either `id` or `item_id` must be specified + in: query + name: item_id + required: false + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListItemHumanId + - in: query + name: namespace_type + required: false + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionNamespaceType + default: single + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListItem + description: Successful response + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + oneOf: + - $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_PlatformErrorResponse + - $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_SiemErrorResponse + description: Invalid input data response + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_PlatformErrorResponse + description: Unsuccessful authentication response + '403': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_PlatformErrorResponse + description: Not enough privileges response + '404': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_SiemErrorResponse + description: Exception list item not found response + '500': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_SiemErrorResponse + description: Internal server error response + summary: Delete an exception list item + tags: + - Security Solution Exceptions API + get: + description: >- + Get the details of an exception list item using the `id` or `item_id` + field. + operationId: ReadExceptionListItem + parameters: + - description: Either `id` or `item_id` must be specified + in: query + name: id + required: false + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListItemId + - description: Either `id` or `item_id` must be specified + in: query + name: item_id + required: false + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListItemHumanId + - in: query + name: namespace_type + required: false + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionNamespaceType + default: single + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListItem + description: Successful response + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + oneOf: + - $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_PlatformErrorResponse + - $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_SiemErrorResponse + description: Invalid input data response + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_PlatformErrorResponse + description: Unsuccessful authentication response + '403': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_PlatformErrorResponse + description: Not enough privileges response + '404': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_SiemErrorResponse + description: Exception list item not found response + '500': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_SiemErrorResponse + description: Internal server error response + summary: Get an exception list item + tags: + - Security Solution Exceptions API + post: + description: > + Create an exception item and associate it with the specified exception + list. + + > info + + > Before creating exception items, you must create an exception list. + operationId: CreateExceptionListItem + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + comments: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_CreateExceptionListItemCommentArray + default: [] + description: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListItemDescription + entries: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListItemEntryArray + expire_time: + format: date-time + type: string + item_id: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListItemHumanId + list_id: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListHumanId + meta: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListItemMeta + name: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListItemName + namespace_type: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionNamespaceType + default: single + os_types: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListItemOsTypeArray + default: [] + tags: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListItemTags + default: [] + type: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListItemType + required: + - list_id + - type + - name + - description + - entries + description: Exception list item's properties + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListItem + description: Successful response + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + oneOf: + - $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_PlatformErrorResponse + - $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_SiemErrorResponse + description: Invalid input data response + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_PlatformErrorResponse + description: Unsuccessful authentication response + '403': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_PlatformErrorResponse + description: Not enough privileges response + '409': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_SiemErrorResponse + description: Exception list item already exists response + '500': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_SiemErrorResponse + description: Internal server error response + summary: Create an exception list item + tags: + - Security Solution Exceptions API + put: + description: Update an exception list item using the `id` or `item_id` field. + operationId: UpdateExceptionListItem + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + _version: + type: string + comments: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_UpdateExceptionListItemCommentArray + default: [] + description: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListItemDescription + entries: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListItemEntryArray + expire_time: + format: date-time + type: string + id: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListItemId + description: Either `id` or `item_id` must be specified + item_id: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListItemHumanId + description: Either `id` or `item_id` must be specified + list_id: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListHumanId + meta: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListItemMeta + name: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListItemName + namespace_type: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionNamespaceType + default: single + os_types: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListItemOsTypeArray + default: [] + tags: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListItemTags + type: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListItemType + required: + - type + - name + - description + - entries + description: Exception list item's properties + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListItem + description: Successful response + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + oneOf: + - $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_PlatformErrorResponse + - $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_SiemErrorResponse + description: Invalid input data response + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_PlatformErrorResponse + description: Unsuccessful authentication response + '403': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_PlatformErrorResponse + description: Not enough privileges response + '404': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_SiemErrorResponse + description: Exception list item not found response + '500': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_SiemErrorResponse + description: Internal server error response + summary: Update an exception list item + tags: + - Security Solution Exceptions API + /api/exception_lists/items/_find: + get: + description: Get a list of all exception list items in the specified list. + operationId: FindExceptionListItems + parameters: + - description: List's id + in: query + name: list_id + required: true + schema: + items: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListHumanId + type: array + - description: > + Filters the returned results according to the value of the specified + field, + + using the `:` syntax. + in: query + name: filter + required: false + schema: + default: [] + items: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_FindExceptionListItemsFilter + type: array + - description: > + Determines whether the returned containers are Kibana associated + with a Kibana space + + or available in all spaces (`agnostic` or `single`) + in: query + name: namespace_type + required: false + schema: + default: + - single + items: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionNamespaceType + type: array + - in: query + name: search + required: false + schema: + type: string + - description: The page number to return + in: query + name: page + required: false + schema: + minimum: 0 + type: integer + - description: The number of exception list items to return per page + in: query + name: per_page + required: false + schema: + minimum: 0 + type: integer + - description: Determines which field is used to sort the results + in: query + name: sort_field + required: false + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_NonEmptyString + - description: Determines the sort order, which can be `desc` or `asc` + in: query + name: sort_order + required: false + schema: + enum: + - desc + - asc + type: string + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + data: + items: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListItem + type: array + page: + minimum: 1 + type: integer + per_page: + minimum: 1 + type: integer + pit: + type: string + total: + minimum: 0 + type: integer + required: + - data + - page + - per_page + - total + description: Successful response + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + oneOf: + - $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_PlatformErrorResponse + - $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_SiemErrorResponse + description: Invalid input data response + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_PlatformErrorResponse + description: Unsuccessful authentication response + '403': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_PlatformErrorResponse + description: Not enough privileges response + '404': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_SiemErrorResponse + description: Exception list not found response + '500': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_SiemErrorResponse + description: Internal server error response + summary: Get exception list items + tags: + - Security Solution Exceptions API + /api/exception_lists/summary: + get: + description: Get a summary of the specified exception list. + operationId: ReadExceptionListSummary + parameters: + - description: Exception list's identifier generated upon creation + in: query + name: id + required: false + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListId + - description: Exception list's human readable identifier + in: query + name: list_id + required: false + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListHumanId + - in: query + name: namespace_type + required: false + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionNamespaceType + default: single + - description: Search filter clause + in: query + name: filter + required: false + schema: + type: string + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + linux: + minimum: 0 + type: integer + macos: + minimum: 0 + type: integer + total: + minimum: 0 + type: integer + windows: + minimum: 0 + type: integer + description: Successful response + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + oneOf: + - $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_PlatformErrorResponse + - $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_SiemErrorResponse + description: Invalid input data response + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_PlatformErrorResponse + description: Unsuccessful authentication response + '403': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_PlatformErrorResponse + description: Not enough privileges response + '404': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_SiemErrorResponse + description: Exception list not found response + '500': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_SiemErrorResponse + description: Internal server error response + summary: Get an exception list summary + tags: + - Security Solution Exceptions API + /api/exceptions/shared: + post: + description: > + An exception list groups exception items and can be associated with + detection rules. A shared exception list can apply to multiple detection + rules. + + > info + + > All exception items added to the same list are evaluated using `OR` + logic. That is, if any of the items in a list evaluate to `true`, the + exception prevents the rule from generating an alert. Likewise, `OR` + logic is used for evaluating exceptions when more than one exception + list is assigned to a rule. To use the `AND` operator, you can define + multiple clauses (`entries`) in a single exception item. + operationId: CreateSharedExceptionList + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + description: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListDescription + name: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListName + required: + - name + - description + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionList + description: Successful response + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + oneOf: + - $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_PlatformErrorResponse + - $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_SiemErrorResponse + description: Invalid input data response + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_PlatformErrorResponse + description: Unsuccessful authentication response + '403': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_PlatformErrorResponse + description: Not enough privileges response + '409': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_SiemErrorResponse + description: Exception list already exists response + '500': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_SiemErrorResponse + description: Internal server error response + summary: Create a shared exception list + tags: + - Security Solution Exceptions API + /api/fleet/agent_download_sources: + get: + operationId: get-download-sources + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + items: + items: + $ref: '#/components/schemas/Fleet_download_sources' + type: array + page: + type: integer + perPage: + type: integer + total: + type: integer + description: OK + '400': + $ref: '#/components/responses/Fleet_error' + summary: List agent binary download sources + tags: + - Elastic Agent binary download sources + post: + operationId: post-download-sources + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + host: + type: string + id: + type: string + is_default: + type: boolean + name: + type: string + required: + - name + - host + - is_default + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + item: + $ref: '#/components/schemas/Fleet_download_sources' + description: OK + '400': + $ref: '#/components/responses/Fleet_error' + summary: Create agent binary download source + tags: + - Elastic Agent binary download sources + /api/fleet/agent_download_sources/{sourceId}: + delete: + operationId: delete-download-source + parameters: + - $ref: '#/components/parameters/Fleet_kbn_xsrf' + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + id: + type: string + required: + - id + description: OK + '400': + $ref: '#/components/responses/Fleet_error' + summary: Delete agent binary download source by ID + tags: + - Elastic Agent binary download sources + get: + operationId: get-one-download-source + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + item: + $ref: '#/components/schemas/Fleet_download_sources' + required: + - item + description: OK + '400': + $ref: '#/components/responses/Fleet_error' + summary: Get agent binary download source by ID + tags: + - Elastic Agent binary download sources + parameters: + - in: path + name: sourceId + required: true + schema: + type: string + put: + operationId: update-download-source + parameters: + - $ref: '#/components/parameters/Fleet_kbn_xsrf' + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + host: + type: string + is_default: + type: boolean + name: + type: string + required: + - name + - is_default + - host + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + item: + $ref: '#/components/schemas/Fleet_download_sources' + required: + - item + description: OK + '400': + $ref: '#/components/responses/Fleet_error' + summary: Update agent binary download source by ID + tags: + - Elastic Agent binary download sources + /api/fleet/agent_policies: + get: + description: '' + operationId: agent-policy-list + parameters: + - $ref: '#/components/parameters/Fleet_page_size' + - $ref: '#/components/parameters/Fleet_page_index' + - $ref: '#/components/parameters/Fleet_kuery' + - $ref: '#/components/parameters/Fleet_format' + - description: >- + When set to true, retrieve the related package policies for each + agent policy. + in: query + name: full + schema: + type: boolean + - description: >- + When set to true, do not count how many agents are in the agent + policy, this can improve performance if you are searching over a + large number of agent policies. The "agents" property will always be + 0 if set to true. + in: query + name: noAgentCount + schema: + type: boolean + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + items: + items: + $ref: '#/components/schemas/Fleet_agent_policy' + type: array + page: + type: number + perPage: + type: number + total: + type: number + required: + - items + - total + - page + - perPage + description: OK + '400': + $ref: '#/components/responses/Fleet_error' + summary: List agent policies + tags: + - Elastic Agent policies + post: + operationId: create-agent-policy + parameters: + - $ref: '#/components/parameters/Fleet_kbn_xsrf' + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Fleet_agent_policy_create_request' + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + item: + $ref: '#/components/schemas/Fleet_agent_policy' + description: OK + '400': + $ref: '#/components/responses/Fleet_error' + summary: Create agent policy + tags: + - Elastic Agent policies + /api/fleet/agent_policies/_bulk_get: + post: + operationId: bulk-get-agent-policies + parameters: + - $ref: '#/components/parameters/Fleet_format' + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + full: + description: get full policies with package policies populated + type: boolean + ids: + description: list of agent policy ids + items: + type: string + type: array + ignoreMissing: + type: boolean + required: + - ids + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + items: + items: + $ref: '#/components/schemas/Fleet_agent_policy' + type: array + required: + - items + description: OK + '400': + $ref: '#/components/responses/Fleet_error' + summary: Bulk get agent policies + tags: + - Elastic Agent policies + /api/fleet/agent_policies/{agentPolicyId}: + get: + description: Get one agent policy + operationId: agent-policy-info + parameters: [] + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + item: + $ref: '#/components/schemas/Fleet_agent_policy' + required: + - item + description: OK + '400': + $ref: '#/components/responses/Fleet_error' + summary: Get agent policy by ID + tags: + - Elastic Agent policies + parameters: + - in: path + name: agentPolicyId + required: true + schema: + type: string + - $ref: '#/components/parameters/Fleet_format' + put: + operationId: update-agent-policy + parameters: + - $ref: '#/components/parameters/Fleet_kbn_xsrf' + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Fleet_agent_policy_update_request' + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + item: + $ref: '#/components/schemas/Fleet_agent_policy' + required: + - item + description: OK + '400': + $ref: '#/components/responses/Fleet_error' + summary: Update agent policy by ID + tags: + - Elastic Agent policies + /api/fleet/agent_policies/{agentPolicyId}/copy: + parameters: + - in: path + name: agentPolicyId + required: true + schema: + type: string + - $ref: '#/components/parameters/Fleet_format' + post: + operationId: agent-policy-copy + parameters: + - $ref: '#/components/parameters/Fleet_kbn_xsrf' + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + description: + type: string + name: + type: string + required: + - name + description: '' + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + item: + $ref: '#/components/schemas/Fleet_agent_policy' + required: + - item + description: OK + '400': + $ref: '#/components/responses/Fleet_error' + summary: Copy agent policy by ID + tags: + - Elastic Agent policies + /api/fleet/agent_policies/{agentPolicyId}/download: + get: + operationId: agent-policy-download + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + item: + type: string + description: OK + '400': + $ref: '#/components/responses/Fleet_error' + summary: Download agent policy by ID + tags: + - Elastic Agent policies + parameters: + - in: path + name: agentPolicyId + required: true + schema: + type: string + - in: query + name: download + required: false + schema: + type: string + - in: query + name: standalone + required: false + schema: + type: string + - in: query + name: kubernetes + required: false + schema: + type: string + /api/fleet/agent_policies/{agentPolicyId}/full: + get: + operationId: agent-policy-full + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + item: + oneOf: + - type: string + - $ref: '#/components/schemas/Fleet_agent_policy_full' + description: OK + '400': + $ref: '#/components/responses/Fleet_error' + summary: Get full agent policy by ID + tags: + - Elastic Agent policies + parameters: + - in: path + name: agentPolicyId + required: true + schema: + type: string + - in: query + name: download + required: false + schema: + type: string + - in: query + name: standalone + required: false + schema: + type: string + - in: query + name: kubernetes + required: false + schema: + type: string + /api/fleet/agent_policies/delete: + parameters: [] + post: + operationId: delete-agent-policy + parameters: + - $ref: '#/components/parameters/Fleet_kbn_xsrf' + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + agentPolicyId: + type: string + force: + description: >- + bypass validation checks that can prevent agent policy + deletion + type: boolean + required: + - agentPolicyId + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + id: + type: string + success: + type: boolean + required: + - id + - success + description: OK + '400': + $ref: '#/components/responses/Fleet_error' + summary: Delete agent policy by ID + tags: + - Elastic Agent policies + /api/fleet/agent_status: + get: + operationId: get-agent-status + parameters: + - in: query + name: policyId + required: false + schema: + type: string + - deprecated: true + in: query + name: kuery + required: false + schema: + type: string + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + active: + type: integer + all: + type: integer + error: + type: integer + events: + type: integer + inactive: + type: integer + offline: + type: integer + online: + type: integer + other: + type: integer + total: + deprecated: true + type: integer + unenrolled: + type: integer + updating: + type: integer + required: + - active + - all + - error + - events + - inactive + - offline + - online + - other + - total + - updating + description: OK + '400': + $ref: '#/components/responses/Fleet_error' + summary: Get agent status summary + tags: + - Elastic Agent status + /api/fleet/agent_status/data: + get: + operationId: get-agent-data + parameters: + - in: query + name: agentsIds + required: true + schema: + items: + type: string + type: array + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + items: + items: + additionalProperties: + type: object + properties: + data: + type: boolean + type: object + type: array + description: OK + '400': + $ref: '#/components/responses/Fleet_error' + summary: Get incoming agent data + tags: + - Elastic Agent status + /api/fleet/agent-status: + get: + deprecated: true + operationId: get-agent-status-deprecated + parameters: + - in: query + name: policyId + required: false + schema: + type: string + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + error: + type: integer + events: + type: integer + inactive: + type: integer + offline: + type: integer + online: + type: integer + other: + type: integer + total: + type: integer + updating: + type: integer + required: + - error + - events + - inactive + - offline + - online + - other + - total + - updating + description: OK + '400': + $ref: '#/components/responses/Fleet_error' + summary: Get agent status summary + tags: + - Elastic Agent status + /api/fleet/agents: + get: + operationId: get-agents + parameters: + - $ref: '#/components/parameters/Fleet_page_size' + - $ref: '#/components/parameters/Fleet_page_index' + - $ref: '#/components/parameters/Fleet_kuery' + - $ref: '#/components/parameters/Fleet_show_inactive' + - $ref: '#/components/parameters/Fleet_show_upgradeable' + - $ref: '#/components/parameters/Fleet_sort_field' + - $ref: '#/components/parameters/Fleet_sort_order' + - $ref: '#/components/parameters/Fleet_with_metrics' + - in: query + name: getStatusSummary + required: false + schema: + type: boolean + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Fleet_get_agents_response' + description: OK + '400': + $ref: '#/components/responses/Fleet_error' + summary: List agents + tags: + - Elastic Agents + post: + operationId: get-agents-by-actions + parameters: + - $ref: '#/components/parameters/Fleet_kbn_xsrf' + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + actionIds: + items: + type: string + type: array + required: + - policy_id + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Fleet_agent_get_by_actions' + description: OK + '400': + $ref: '#/components/responses/Fleet_error' + summary: List agents by action ids + tags: + - Elastic Agents + /api/fleet/agents/{agentId}: + delete: + operationId: delete-agent + parameters: + - $ref: '#/components/parameters/Fleet_kbn_xsrf' + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + action: + enum: + - deleted + type: string + required: + - action + description: OK + '400': + $ref: '#/components/responses/Fleet_error' + summary: Delete agent by ID + tags: + - Elastic Agents + get: + operationId: get-agent + parameters: + - $ref: '#/components/parameters/Fleet_with_metrics' + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + item: + $ref: '#/components/schemas/Fleet_agent' + required: + - item + description: OK + '400': + $ref: '#/components/responses/Fleet_error' + summary: Get agent by ID + tags: + - Elastic Agents + parameters: + - in: path + name: agentId + required: true + schema: + type: string + put: + operationId: update-agent + parameters: + - $ref: '#/components/parameters/Fleet_kbn_xsrf' + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + tags: + items: + type: string + type: array + user_provided_metadata: + type: object + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + item: + $ref: '#/components/schemas/Fleet_agent' + required: + - item + description: OK + '400': + $ref: '#/components/responses/Fleet_error' + summary: Update agent by ID + tags: + - Elastic Agents + /api/fleet/agents/{agentId}/actions: + parameters: + - in: path + name: agentId + required: true + schema: + type: string + post: + operationId: new-agent-action + parameters: + - $ref: '#/components/parameters/Fleet_kbn_xsrf' + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + action: + $ref: '#/components/schemas/Fleet_agent_action' + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + body: + items: + type: number + type: array + headers: + type: string + statusCode: + type: number + description: OK + '400': + $ref: '#/components/responses/Fleet_error' + summary: Create agent action + tags: + - Elastic Agent actions + /api/fleet/agents/{agentId}/reassign: + parameters: + - in: path + name: agentId + required: true + schema: + type: string + post: + operationId: reassign-agent + parameters: + - $ref: '#/components/parameters/Fleet_kbn_xsrf' + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + policy_id: + type: string + required: + - policy_id + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + description: OK + '400': + $ref: '#/components/responses/Fleet_error' + summary: Reassign agent + tags: + - Elastic Agents + put: + deprecated: true + operationId: reassign-agent-deprecated + parameters: + - $ref: '#/components/parameters/Fleet_kbn_xsrf' + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + policy_id: + type: string + required: + - policy_id + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + description: OK + '400': + $ref: '#/components/responses/Fleet_error' + summary: Reassign agent + tags: + - Elastic Agents + /api/fleet/agents/{agentId}/request_diagnostics: + parameters: + - in: path + name: agentId + required: true + schema: + type: string + post: + operationId: request-diagnostics-agent + parameters: + - $ref: '#/components/parameters/Fleet_kbn_xsrf' + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + additional_metrics: + items: + oneOf: + - enum: + - CPU + type: string + type: array + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + actionId: + type: string + description: OK + '400': + $ref: '#/components/responses/Fleet_error' + summary: Request agent diagnostics + tags: + - Elastic Agents + /api/fleet/agents/{agentId}/unenroll: + parameters: + - in: path + name: agentId + required: true + schema: + type: string + post: + operationId: unenroll-agent + parameters: + - $ref: '#/components/parameters/Fleet_kbn_xsrf' + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + force: + type: boolean + revoke: + type: boolean + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + description: OK + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + error: + type: string + message: + type: string + statusCode: + enum: + - 400 + type: number + description: BAD REQUEST + summary: Unenroll agent + tags: + - Elastic Agents + /api/fleet/agents/{agentId}/upgrade: + parameters: + - in: path + name: agentId + required: true + schema: + type: string + post: + operationId: upgrade-agent + parameters: + - $ref: '#/components/parameters/Fleet_kbn_xsrf' + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Fleet_upgrade_agent' + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Fleet_upgrade_agent' + description: OK + '400': + $ref: '#/components/responses/Fleet_error' + summary: Upgrade agent + tags: + - Elastic Agents + /api/fleet/agents/{agentId}/uploads: + get: + operationId: list-agent-uploads + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + body: + type: object + properties: + item: + items: + $ref: '#/components/schemas/Fleet_agent_diagnostics' + type: array + description: OK + '400': + $ref: '#/components/responses/Fleet_error' + summary: List agent uploads + tags: + - Elastic Agents + parameters: + - in: path + name: agentId + required: true + schema: + type: string + /api/fleet/agents/action_status: + get: + operationId: agents-action-status + parameters: + - $ref: '#/components/parameters/Fleet_page_size' + - $ref: '#/components/parameters/Fleet_page_index' + - in: query + name: errorSize + schema: + default: 5 + type: integer + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + items: + items: + type: object + properties: + actionId: + type: string + cancellationTime: + type: string + completionTime: + type: string + creationTime: + description: creation time of action + type: string + expiration: + type: string + latestErrors: + description: >- + latest errors that happened when the agents executed + the action + items: + type: object + properties: + agentId: + type: string + error: + type: string + timestamp: + type: string + type: array + nbAgentsAck: + description: number of agents that acknowledged the action + type: number + nbAgentsActionCreated: + description: number of agents included in action from kibana + type: number + nbAgentsActioned: + description: number of agents actioned + type: number + nbAgentsFailed: + description: number of agents that failed to execute the action + type: number + newPolicyId: + description: new policy id (POLICY_REASSIGN action) + type: string + policyId: + description: policy id (POLICY_CHANGE action) + type: string + revision: + description: new policy revision (POLICY_CHANGE action) + type: string + startTime: + description: start time of action (scheduled actions) + type: string + status: + enum: + - COMPLETE + - EXPIRED + - CANCELLED + - FAILED + - IN_PROGRESS + - ROLLOUT_PASSED + type: string + type: + enum: + - POLICY_REASSIGN + - UPGRADE + - UNENROLL + - FORCE_UNENROLL + - UPDATE_TAGS + - CANCEL + - REQUEST_DIAGNOSTICS + - SETTINGS + - POLICY_CHANGE + - INPUT_ACTION + type: string + version: + description: agent version number (UPGRADE action) + type: string + required: + - actionId + - complete + - nbAgentsActioned + - nbAgentsActionCreated + - nbAgentsAck + - nbAgentsFailed + - status + - creationTime + - type + type: array + required: + - items + description: OK + '400': + $ref: '#/components/responses/Fleet_error' + summary: Get agent action status + tags: + - Elastic Agent actions + /api/fleet/agents/actions/{actionId}/cancel: + parameters: + - in: path + name: actionId + required: true + schema: + type: string + post: + operationId: agent-action-cancel + parameters: + - $ref: '#/components/parameters/Fleet_kbn_xsrf' + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + item: + $ref: '#/components/schemas/Fleet_agent_action' + description: OK + '400': + $ref: '#/components/responses/Fleet_error' + summary: Cancel agent action + tags: + - Elastic Agent actions + /api/fleet/agents/bulk_reassign: + post: + operationId: bulk-reassign-agents + parameters: + - $ref: '#/components/parameters/Fleet_kbn_xsrf' + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + example: + agents: 'fleet-agents.policy_id : ("policy1" or "policy2")' + policy_id: policy_id + schema: + type: object + properties: + agents: + oneOf: + - description: KQL query string, leave empty to action all agents + type: string + - description: list of agent IDs + items: + type: string + type: array + policy_id: + description: new agent policy id + type: string + required: + - policy_id + - agents + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + actionId: + type: string + description: OK + '400': + $ref: '#/components/responses/Fleet_error' + summary: Bulk reassign agents + tags: + - Elastic Agents + /api/fleet/agents/bulk_request_diagnostics: + post: + operationId: bulk-request-diagnostics + parameters: + - $ref: '#/components/parameters/Fleet_kbn_xsrf' + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + example: + agents: 'fleet-agents.policy_id : ("policy1" or "policy2")' + schema: + type: object + properties: + additional_metrics: + items: + oneOf: + - enum: + - CPU + type: string + type: array + agents: + oneOf: + - description: KQL query string, leave empty to action all agents + type: string + - description: list of agent IDs + items: + type: string + type: array + batchSize: + type: number + required: + - agents + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + actionId: + type: string + description: OK + '400': + $ref: '#/components/responses/Fleet_error' + summary: Bulk request diagnostics from agents + tags: + - Elastic Agents + /api/fleet/agents/bulk_unenroll: + post: + operationId: bulk-unenroll-agents + parameters: + - $ref: '#/components/parameters/Fleet_kbn_xsrf' + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + example: + agents: + - agent1 + - agent2 + force: false + revoke: true + schema: + type: object + properties: + agents: + oneOf: + - description: KQL query string, leave empty to action all agents + type: string + - description: list of agent IDs + items: + type: string + type: array + force: + description: Unenrolls hosted agents too + type: boolean + includeInactive: + description: >- + When passing agents by KQL query, unenrolls inactive agents + too + type: boolean + revoke: + description: Revokes API keys of agents + type: boolean + required: + - agents + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + actionId: + type: string + description: OK + '400': + $ref: '#/components/responses/Fleet_error' + summary: Bulk unenroll agents + tags: + - Elastic Agents + /api/fleet/agents/bulk_update_agent_tags: + post: + operationId: bulk-update-agent-tags + parameters: + - $ref: '#/components/parameters/Fleet_kbn_xsrf' + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + example: + agents: + - agent1 + - agent2 + tagsToAdd: + - newTag + tagsToRemove: + - existingTag + schema: + type: object + properties: + agents: + oneOf: + - description: KQL query string, leave empty to action all agents + type: string + - description: list of agent IDs + items: + type: string + type: array + batchSize: + type: number + tagsToAdd: + items: + type: string + type: array + tagsToRemove: + items: + type: string + type: array + required: + - agents + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + actionId: + type: string + description: OK + '400': + $ref: '#/components/responses/Fleet_error' + summary: Bulk update agent tags + tags: + - Elastic Agents + /api/fleet/agents/bulk_upgrade: + post: + operationId: bulk-upgrade-agents + parameters: + - $ref: '#/components/parameters/Fleet_kbn_xsrf' + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + example: + agents: + - agent1 + - agent2 + rollout_duration_seconds: 3600 + source_uri: https://artifacts.elastic.co/downloads/beats/elastic-agent + start_time: '2022-08-03T14:00:00.000Z' + version: 8.4.0 + schema: + $ref: '#/components/schemas/Fleet_bulk_upgrade_agents' + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + actionId: + type: string + description: OK + '400': + $ref: '#/components/responses/Fleet_error' + summary: Bulk upgrade agents + tags: + - Elastic Agents + /api/fleet/agents/files/{fileId}: + delete: + operationId: delete-agent-upload-file + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + body: + type: object + properties: + deleted: + type: boolean + id: + type: string + description: OK + '400': + $ref: '#/components/responses/Fleet_error' + summary: Delete file uploaded by agent + tags: + - Elastic Agents + parameters: + - in: path + name: fileId + required: true + schema: + type: string + /api/fleet/agents/files/{fileId}/{fileName}: + get: + operationId: get-agent-upload-file + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + body: + type: object + properties: + items: + type: object + properties: + body: {} + headers: {} + description: OK + '400': + $ref: '#/components/responses/Fleet_error' + summary: Get file uploaded by agent + tags: + - Elastic Agents + parameters: + - in: path + name: fileId + required: true + schema: + type: string + - in: path + name: fileName + required: true + schema: + type: string + /api/fleet/agents/setup: + get: + operationId: get-agents-setup-status + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Fleet_fleet_status_response' + description: OK + '400': + $ref: '#/components/responses/Fleet_error' + summary: Get agent setup info + tags: + - Elastic Agents + post: + operationId: setup-agents + parameters: + - $ref: '#/components/parameters/Fleet_kbn_xsrf' + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + admin_password: + type: string + admin_username: + type: string + required: + - admin_username + - admin_password + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Fleet_fleet_setup_response' + description: OK + '400': + $ref: '#/components/responses/Fleet_error' + summary: Initiate agent setup + tags: + - Elastic Agents + /api/fleet/agents/tags: + get: + operationId: get-agent-tags + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Fleet_get_agent_tags_response' + description: OK + '400': + $ref: '#/components/responses/Fleet_error' + summary: List agent tags + tags: + - Elastic Agents + /api/fleet/data_streams: + get: + operationId: data-streams-list + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + data_streams: + items: + $ref: '#/components/schemas/Fleet_data_stream' + type: array + description: OK + '400': + $ref: '#/components/responses/Fleet_error' + summary: List data streams + tags: + - Data streams + parameters: [] + /api/fleet/enrollment_api_keys: + get: + operationId: get-enrollment-api-keys + parameters: + - $ref: '#/components/parameters/Fleet_page_size' + - $ref: '#/components/parameters/Fleet_page_index' + - $ref: '#/components/parameters/Fleet_kuery' + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + items: + items: + $ref: '#/components/schemas/Fleet_enrollment_api_key' + type: array + list: + deprecated: true + items: + $ref: '#/components/schemas/Fleet_enrollment_api_key' + type: array + page: + type: number + perPage: + type: number + total: + type: number + required: + - items + - page + - perPage + - total + description: OK + '400': + $ref: '#/components/responses/Fleet_error' + summary: List enrollment API keys + tags: + - Fleet enrollment API keys + post: + operationId: create-enrollment-api-keys + parameters: + - $ref: '#/components/parameters/Fleet_kbn_xsrf' + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + name: + description: The name of the enrollment API key. Must be unique. + type: string + policy_id: + description: >- + The ID of the agent policy the Elastic Agent will be + enrolled in. + type: string + required: + - policy_id + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + action: + enum: + - created + type: string + item: + $ref: '#/components/schemas/Fleet_enrollment_api_key' + description: OK + '400': + $ref: '#/components/responses/Fleet_error' + summary: Create enrollment API key + tags: + - Fleet enrollment API keys + /api/fleet/enrollment_api_keys/{keyId}: + delete: + operationId: delete-enrollment-api-key + parameters: + - $ref: '#/components/parameters/Fleet_kbn_xsrf' + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + action: + enum: + - deleted + type: string + required: + - action + description: OK + '400': + $ref: '#/components/responses/Fleet_error' + summary: Revoke enrollment API key by ID by marking it as inactive + tags: + - Fleet enrollment API keys + get: + operationId: get-enrollment-api-key + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + item: + $ref: '#/components/schemas/Fleet_enrollment_api_key' + required: + - item + description: OK + '400': + $ref: '#/components/responses/Fleet_error' + summary: Get enrollment API key by ID + tags: + - Fleet enrollment API keys + parameters: + - in: path + name: keyId + required: true + schema: + type: string + /api/fleet/enrollment-api-keys: + get: + deprecated: true + operationId: get-enrollment-api-keys-deprecated + parameters: [] + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + items: + items: + $ref: '#/components/schemas/Fleet_enrollment_api_key' + type: array + list: + deprecated: true + items: + $ref: '#/components/schemas/Fleet_enrollment_api_key' + type: array + page: + type: number + perPage: + type: number + total: + type: number + required: + - items + - page + - perPage + - total + description: OK + '400': + $ref: '#/components/responses/Fleet_error' + summary: List enrollment API keys + tags: + - Fleet enrollment API keys + post: + deprecated: true + operationId: create-enrollment-api-keys-deprecated + parameters: + - $ref: '#/components/parameters/Fleet_kbn_xsrf' + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + action: + enum: + - created + type: string + item: + $ref: '#/components/schemas/Fleet_enrollment_api_key' + description: OK + '400': + $ref: '#/components/responses/Fleet_error' + summary: Create enrollment API key + tags: + - Fleet enrollment API keys + /api/fleet/enrollment-api-keys/{keyId}: + delete: + deprecated: true + operationId: delete-enrollment-api-key-deprecated + parameters: + - $ref: '#/components/parameters/Fleet_kbn_xsrf' + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + action: + enum: + - deleted + type: string + required: + - action + description: OK + '400': + $ref: '#/components/responses/Fleet_error' + summary: Delete enrollment API key by ID + tags: + - Fleet enrollment API keys + get: + deprecated: true + operationId: get-enrollment-api-key-deprecated + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + item: + $ref: '#/components/schemas/Fleet_enrollment_api_key' + required: + - item + description: OK + '400': + $ref: '#/components/responses/Fleet_error' + summary: Get enrollment API key by ID + tags: + - Fleet enrollment API keys + parameters: + - in: path + name: keyId + required: true + schema: + type: string + /api/fleet/epm/bulk_assets: + post: + operationId: bulk-get-assets + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + assetIds: + description: list of items necessary to fetch assets + items: + type: object + properties: + id: + type: string + type: + type: string + type: array + required: + - assetIds + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Fleet_get_bulk_assets_response' + description: OK + '400': + $ref: '#/components/responses/Fleet_error' + summary: Bulk get assets + tags: + - Elastic Package Manager (EPM) + /api/fleet/epm/categories: + get: + operationId: get-package-categories + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Fleet_get_categories_response' + description: OK + '400': + $ref: '#/components/responses/Fleet_error' + summary: List package categories + tags: + - Elastic Package Manager (EPM) + parameters: + - description: >- + Whether to include prerelease packages in categories count (e.g. beta, + rc, preview) + in: query + name: prerelease + schema: + default: false + type: boolean + - deprecated: true + in: query + name: experimental + schema: + default: false + type: boolean + - in: query + name: include_policy_templates + schema: + default: false + type: boolean + /api/fleet/epm/packages: + get: + operationId: list-all-packages + parameters: + - description: >- + Whether to exclude the install status of each package. Enabling this + option will opt in to caching for the response via `cache-control` + headers. If you don't need up-to-date installation info for a + package, and are querying for a list of available packages, + providing this flag can improve performance substantially. + in: query + name: excludeInstallStatus + schema: + default: false + type: boolean + - description: >- + Whether to return prerelease versions of packages (e.g. beta, rc, + preview) + in: query + name: prerelease + schema: + default: false + type: boolean + - deprecated: true + in: query + name: experimental + schema: + default: false + type: boolean + - in: query + name: category + schema: + type: string + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Fleet_get_packages_response' + description: OK + '400': + $ref: '#/components/responses/Fleet_error' + summary: List packages + tags: + - Elastic Package Manager (EPM) + post: + description: '' + operationId: install-package-by-upload + parameters: + - $ref: '#/components/parameters/Fleet_kbn_xsrf' + - description: avoid erroring out on unexpected mapping update errors + in: query + name: ignoreMappingUpdateErrors + schema: + default: false + type: boolean + - description: >- + Skip data stream rollover during index template mapping or settings + update + in: query + name: skipDataStreamRollover + schema: + default: false + type: boolean + requestBody: + content: + application/gzip; Elastic-Api-Version=2023-10-31: + schema: + format: binary + type: string + application/zip; Elastic-Api-Version=2023-10-31: + schema: + format: binary + type: string + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + _meta: + type: object + properties: + install_source: + enum: + - upload + - registry + - bundled + type: string + items: + items: + type: object + properties: + id: + type: string + type: + oneOf: + - $ref: >- + #/components/schemas/Fleet_kibana_saved_object_type + - $ref: >- + #/components/schemas/Fleet_elasticsearch_asset_type + required: + - id + - type + type: array + required: + - items + description: OK + '400': + $ref: '#/components/responses/Fleet_error' + '429': + $ref: '#/components/responses/Fleet_error' + summary: Install by package by direct upload + tags: + - Elastic Package Manager (EPM) + /api/fleet/epm/packages/_bulk: + post: + operationId: bulk-install-packages + parameters: + - description: >- + Whether to return prerelease versions of packages (e.g. beta, rc, + preview) + in: query + name: prerelease + schema: + default: false + type: boolean + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + force: + description: force install to ignore package verification errors + type: boolean + packages: + description: list of packages to install + items: + oneOf: + - description: package name + type: string + - type: object + properties: + name: + description: package name + type: string + version: + description: package version + type: string + type: array + required: + - packages + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Fleet_bulk_install_packages_response' + description: OK + '400': + $ref: '#/components/responses/Fleet_error' + summary: Bulk install packages + tags: + - Elastic Package Manager (EPM) + /api/fleet/epm/packages/{pkgkey}: + delete: + deprecated: true + operationId: delete-package-deprecated + parameters: + - $ref: '#/components/parameters/Fleet_kbn_xsrf' + - in: path + name: pkgkey + required: true + schema: + type: string + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + force: + type: boolean + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + response: + items: + type: object + properties: + id: + type: string + type: + oneOf: + - $ref: >- + #/components/schemas/Fleet_kibana_saved_object_type + - $ref: >- + #/components/schemas/Fleet_elasticsearch_asset_type + required: + - id + - type + type: array + required: + - response + description: OK + '400': + $ref: '#/components/responses/Fleet_error' + summary: Delete ackage + tags: + - Elastic Package Manager (EPM) + get: + deprecated: true + operationId: get-package-deprecated + parameters: + - in: path + name: pkgkey + required: true + schema: + type: string + - description: >- + Whether to return prerelease versions of packages (e.g. beta, rc, + preview) + in: query + name: prerelease + schema: + default: false + type: boolean + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + allOf: + - properties: + response: + $ref: '#/components/schemas/Fleet_package_info' + - properties: + savedObject: + type: string + status: + enum: + - installed + - installing + - install_failed + - not_installed + type: string + required: + - status + - savedObject + type: object + description: OK + '400': + $ref: '#/components/responses/Fleet_error' + summary: Get package + tags: + - Elastic Package Manager (EPM) + post: + deprecated: true + description: '' + operationId: install-package-deprecated + parameters: + - $ref: '#/components/parameters/Fleet_kbn_xsrf' + - in: path + name: pkgkey + required: true + schema: + type: string + - description: avoid erroring out on unexpected mapping update errors + in: query + name: ignoreMappingUpdateErrors + schema: + default: false + type: boolean + - description: >- + Skip data stream rollover during index template mapping or settings + update + in: query + name: skipDataStreamRollover + schema: + default: false + type: boolean + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + force: + type: boolean + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + response: + items: + type: object + properties: + id: + type: string + type: + oneOf: + - $ref: >- + #/components/schemas/Fleet_kibana_saved_object_type + - $ref: >- + #/components/schemas/Fleet_elasticsearch_asset_type + required: + - id + - type + type: array + required: + - response + description: OK + '400': + $ref: '#/components/responses/Fleet_error' + summary: Install package + tags: + - Elastic Package Manager (EPM) + /api/fleet/epm/packages/{pkgName}/{pkgVersion}: + delete: + operationId: delete-package + parameters: + - $ref: '#/components/parameters/Fleet_kbn_xsrf' + - description: delete package even if policies used by agents + in: query + name: force + schema: + type: boolean + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + deprecated: true + type: object + properties: + force: + type: boolean + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + items: + items: + type: object + properties: + id: + type: string + type: + oneOf: + - $ref: >- + #/components/schemas/Fleet_kibana_saved_object_type + - $ref: >- + #/components/schemas/Fleet_elasticsearch_asset_type + required: + - id + - type + type: array + required: + - items + description: OK + '400': + $ref: '#/components/responses/Fleet_error' + summary: Delete package + tags: + - Elastic Package Manager (EPM) + get: + operationId: get-package + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + allOf: + - properties: + item: + $ref: '#/components/schemas/Fleet_package_info' + - properties: + keepPoliciesUpToDate: + type: boolean + latestVersion: + type: string + licensePath: + type: string + notice: + type: string + savedObject: + deprecated: true + type: object + status: + enum: + - installed + - installing + - install_failed + - not_installed + type: string + required: + - status + - savedObject + type: object + description: OK + '400': + $ref: '#/components/responses/Fleet_error' + summary: Get package + tags: + - Elastic Package Manager (EPM) + parameters: + - in: path + name: pkgName + required: true + schema: + type: string + - in: path + name: pkgVersion + required: true + schema: + type: string + - description: Ignore if the package is fails signature verification + in: query + name: ignoreUnverified + schema: + type: boolean + - description: >- + Return all fields from the package manifest, not just those supported + by the Elastic Package Registry + in: query + name: full + schema: + type: boolean + - description: >- + Whether to return prerelease versions of packages (e.g. beta, rc, + preview) + in: query + name: prerelease + schema: + default: false + type: boolean + post: + description: '' + operationId: install-package + parameters: + - $ref: '#/components/parameters/Fleet_kbn_xsrf' + - description: avoid erroring out on unexpected mapping update errors + in: query + name: ignoreMappingUpdateErrors + schema: + default: false + type: boolean + - description: >- + Skip data stream rollover during index template mapping or settings + update + in: query + name: skipDataStreamRollover + schema: + default: false + type: boolean + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + force: + type: boolean + ignore_constraints: + type: boolean + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + _meta: + type: object + properties: + install_source: + enum: + - registry + - upload + - bundled + type: string + items: + items: + type: object + properties: + id: + type: string + type: + oneOf: + - $ref: >- + #/components/schemas/Fleet_kibana_saved_object_type + - $ref: >- + #/components/schemas/Fleet_elasticsearch_asset_type + required: + - id + - type + type: array + required: + - items + description: OK + '400': + $ref: '#/components/responses/Fleet_error' + summary: Install package + tags: + - Elastic Package Manager (EPM) + put: + description: '' + operationId: update-package + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + keepPoliciesUpToDate: + type: boolean + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + items: + items: + type: object + properties: + id: + type: string + type: + oneOf: + - $ref: >- + #/components/schemas/Fleet_kibana_saved_object_type + - $ref: >- + #/components/schemas/Fleet_elasticsearch_asset_type + required: + - id + - type + type: array + required: + - items + description: OK + '400': + $ref: '#/components/responses/Fleet_error' + summary: Update package settings + tags: + - Elastic Package Manager (EPM) + /api/fleet/epm/packages/{pkgName}/{pkgVersion}/{filePath}: + get: + operationId: packages-get-file + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + body: + type: object + headers: + type: object + statusCode: + type: number + description: OK + '400': + $ref: '#/components/responses/Fleet_error' + summary: Get package file + tags: + - Elastic Package Manager (EPM) + parameters: + - in: path + name: pkgName + required: true + schema: + type: string + - in: path + name: pkgVersion + required: true + schema: + type: string + - in: path + name: filePath + required: true + schema: + type: string + /api/fleet/epm/packages/{pkgName}/{pkgVersion}/transforms/authorize: + post: + description: '' + operationId: reauthorize-transforms + parameters: + - $ref: '#/components/parameters/Fleet_kbn_xsrf' + - in: path + name: pkgName + required: true + schema: + type: string + - in: path + name: pkgVersion + required: true + schema: + type: string + - description: >- + Whether to include prerelease packages in categories count (e.g. + beta, rc, preview) + in: query + name: prerelease + schema: + default: false + type: boolean + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + transforms: + items: + type: object + properties: + transformId: + type: string + type: array + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + items: + items: + type: object + properties: + error: + type: string + success: + type: boolean + transformId: + type: string + required: + - transformId + - error + type: array + required: + - items + description: OK + '400': + $ref: '#/components/responses/Fleet_error' + summary: Authorize transforms + tags: + - Elastic Package Manager (EPM) + /api/fleet/epm/packages/{pkgName}/stats: + get: + operationId: get-package-stats + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + response: + $ref: '#/components/schemas/Fleet_package_usage_stats' + required: + - response + description: OK + '400': + $ref: '#/components/responses/Fleet_error' + summary: Get package stats + tags: + - Elastic Package Manager (EPM) + parameters: + - in: path + name: pkgName + required: true + schema: + type: string + /api/fleet/epm/packages/limited: + get: + operationId: list-limited-packages + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + items: + items: + type: string + type: array + description: OK + '400': + $ref: '#/components/responses/Fleet_error' + summary: Get limited package list + tags: + - Elastic Package Manager (EPM) + parameters: [] + /api/fleet/epm/templates/{pkgName}/{pkgVersion}/inputs: + get: + operationId: get-inputs-template + responses: + '200': + description: OK + '400': + $ref: '#/components/responses/Fleet_error' + summary: Get inputs template + tags: + - Elastic Package Manager (EPM) + parameters: + - in: path + name: pkgName + required: true + schema: + type: string + - in: path + name: pkgVersion + required: true + schema: + type: string + - description: Format of response - json or yaml + in: query + name: format + schema: + enum: + - json + - yaml + - yml + type: string + - description: Specify if version is prerelease + in: query + name: prerelease + schema: + type: boolean + - description: Ignore if the package is fails signature verification + in: query + name: ignoreUnverified + schema: + type: boolean + /api/fleet/epm/verification_key_id: + get: + operationId: packages-get-verification-key-id + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + body: + type: object + properties: + id: + description: >- + the key ID of the GPG key used to verify package + signatures + nullable: true + type: string + headers: + type: object + statusCode: + type: number + description: OK + '400': + $ref: '#/components/responses/Fleet_error' + summary: Get package signature verification key ID + tags: + - Elastic Package Manager (EPM) + parameters: [] + /api/fleet/fleet_server_hosts: + get: + operationId: get-fleet-server-hosts + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + items: + items: + $ref: '#/components/schemas/Fleet_fleet_server_host' + type: array + page: + type: integer + perPage: + type: integer + total: + type: integer + description: OK + '400': + $ref: '#/components/responses/Fleet_error' + summary: List Fleet Server hosts + tags: + - Fleet Server hosts + post: + operationId: post-fleet-server-hosts + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + host_urls: + items: + type: string + type: array + id: + type: string + is_default: + type: boolean + is_internal: + type: boolean + name: + type: string + proxy_id: + description: >- + The ID of the proxy to use for this fleet server host. See + the proxies API for more information. + type: string + required: + - name + - host_urls + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + item: + $ref: '#/components/schemas/Fleet_fleet_server_host' + description: OK + '400': + $ref: '#/components/responses/Fleet_error' + summary: Create Fleet Server host + tags: + - Fleet Server hosts + /api/fleet/fleet_server_hosts/{itemId}: + delete: + operationId: delete-fleet-server-hosts + parameters: + - $ref: '#/components/parameters/Fleet_kbn_xsrf' + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + id: + type: string + required: + - id + description: OK + '400': + $ref: '#/components/responses/Fleet_error' + summary: Delete Fleet Server host by ID + tags: + - Fleet Server hosts + get: + operationId: get-one-fleet-server-hosts + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + item: + $ref: '#/components/schemas/Fleet_fleet_server_host' + required: + - item + description: OK + '400': + $ref: '#/components/responses/Fleet_error' + summary: Get Fleet Server host by ID + tags: + - Fleet Server hosts + parameters: + - in: path + name: itemId + required: true + schema: + type: string + put: + operationId: update-fleet-server-hosts + parameters: + - $ref: '#/components/parameters/Fleet_kbn_xsrf' + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + host_urls: + items: + type: string + type: array + is_default: + type: boolean + is_internal: + type: boolean + name: + type: string + proxy_id: + description: >- + The ID of the proxy to use for this fleet server host. See + the proxies API for more information. + nullable: true + type: string + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + item: + $ref: '#/components/schemas/Fleet_fleet_server_host' + required: + - item + description: OK + '400': + $ref: '#/components/responses/Fleet_error' + summary: Update Fleet Server host by ID + tags: + - Fleet Server hosts + /api/fleet/health_check: + post: + operationId: fleet-server-health-check + parameters: + - $ref: '#/components/parameters/Fleet_kbn_xsrf' + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + host: + deprecated: true + type: string + id: + type: string + required: + - id + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + host: + deprecated: true + type: string + id: + description: Fleet Server host id + type: string + status: + type: string + description: OK + '400': + $ref: '#/components/responses/Fleet_error' + summary: Fleet Server health check + tags: + - Fleet internals + /api/fleet/kubernetes: + get: + operationId: get-full-k8s-manifest + parameters: + - in: query + name: download + required: false + schema: + type: boolean + - in: query + name: fleetServer + required: false + schema: + type: string + - in: query + name: enrolToken + required: false + schema: + type: string + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + item: + type: string + description: OK + '400': + $ref: '#/components/responses/Fleet_error' + summary: Get full K8s agent manifest + tags: + - Fleet Kubernetes + /api/fleet/logstash_api_keys: + post: + operationId: generate-logstash-api-key + parameters: + - $ref: '#/components/parameters/Fleet_kbn_xsrf' + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + api_key: + type: string + description: OK + '400': + $ref: '#/components/responses/Fleet_error' + summary: Generate Logstash API key + tags: + - Fleet outputs + /api/fleet/outputs: + get: + operationId: get-outputs + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + items: + items: + $ref: '#/components/schemas/Fleet_output_create_request' + type: array + page: + type: integer + perPage: + type: integer + total: + type: integer + description: OK + '400': + $ref: '#/components/responses/Fleet_error' + summary: List outputs + tags: + - Fleet outputs + post: + operationId: post-outputs + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Fleet_output_create_request' + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + item: + $ref: '#/components/schemas/Fleet_output_create_request' + description: OK + '400': + $ref: '#/components/responses/Fleet_error' + summary: Create output + tags: + - Fleet outputs + /api/fleet/outputs/{outputId}: + delete: + operationId: delete-output + parameters: + - $ref: '#/components/parameters/Fleet_kbn_xsrf' + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + id: + type: string + required: + - id + description: OK + '400': + $ref: '#/components/responses/Fleet_error' + summary: Delete output by ID + tags: + - Fleet outputs + get: + operationId: get-output + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + item: + $ref: '#/components/schemas/Fleet_output_create_request' + description: OK + '400': + $ref: '#/components/responses/Fleet_error' + summary: Get output by ID + tags: + - Fleet outputs + parameters: + - in: path + name: outputId + required: true + schema: + type: string + put: + operationId: update-output + parameters: + - $ref: '#/components/parameters/Fleet_kbn_xsrf' + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Fleet_output_update_request' + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + item: + $ref: '#/components/schemas/Fleet_output_update_request' + description: OK + '400': + $ref: '#/components/responses/Fleet_error' + summary: Update output by ID + tags: + - Fleet outputs + /api/fleet/outputs/{outputId}/health: + get: + operationId: get-output-health + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + message: + description: long message if unhealthy + type: string + state: + description: state of output, HEALTHY or DEGRADED + type: string + timestamp: + description: timestamp of reported state + type: string + description: OK + '400': + $ref: '#/components/responses/Fleet_error' + summary: Get latest output health + tags: + - Fleet outputs + parameters: + - in: path + name: outputId + required: true + schema: + type: string + /api/fleet/package_policies: + get: + operationId: get-package-policies + parameters: + - $ref: '#/components/parameters/Fleet_page_size' + - $ref: '#/components/parameters/Fleet_page_index' + - $ref: '#/components/parameters/Fleet_kuery' + - $ref: '#/components/parameters/Fleet_format' + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + items: + items: + $ref: '#/components/schemas/Fleet_package_policy' + type: array + page: + type: number + perPage: + type: number + total: + type: number + required: + - items + description: OK + '400': + $ref: '#/components/responses/Fleet_error' + summary: List package policies + tags: + - Fleet package policies + parameters: [] + post: + operationId: create-package-policy + parameters: + - $ref: '#/components/parameters/Fleet_kbn_xsrf' + - $ref: '#/components/parameters/Fleet_format' + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Fleet_package_policy_request' + description: >- + You should use inputs as an object and not use the deprecated inputs + array. + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + item: + $ref: '#/components/schemas/Fleet_package_policy' + required: + - item + description: OK + '400': + $ref: '#/components/responses/Fleet_error' + '409': + $ref: '#/components/responses/Fleet_error' + summary: Create package policy + tags: + - Fleet package policies + /api/fleet/package_policies/_bulk_get: + post: + operationId: bulk-get-package-policies + parameters: + - $ref: '#/components/parameters/Fleet_format' + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + ids: + description: list of package policy ids + items: + type: string + type: array + ignoreMissing: + type: boolean + required: + - ids + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + items: + items: + $ref: '#/components/schemas/Fleet_package_policy' + type: array + required: + - items + description: OK + '400': + $ref: '#/components/responses/Fleet_error' + summary: Bulk get package policies + tags: + - Fleet package policies + /api/fleet/package_policies/{packagePolicyId}: + delete: + operationId: delete-package-policy + parameters: + - in: query + name: force + schema: + type: boolean + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + id: + type: string + required: + - id + description: OK + '400': + $ref: '#/components/responses/Fleet_error' + summary: Delete package policy by ID + tags: + - Fleet package policies + get: + operationId: get-package-policy + parameters: + - $ref: '#/components/parameters/Fleet_format' + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + item: + $ref: '#/components/schemas/Fleet_package_policy' + required: + - item + description: OK + '400': + $ref: '#/components/responses/Fleet_error' + summary: Get package policy by ID + tags: + - Fleet package policies + parameters: + - in: path + name: packagePolicyId + required: true + schema: + type: string + put: + operationId: update-package-policy + parameters: + - $ref: '#/components/parameters/Fleet_kbn_xsrf' + - $ref: '#/components/parameters/Fleet_format' + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Fleet_package_policy_request' + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + item: + $ref: '#/components/schemas/Fleet_package_policy' + sucess: + type: boolean + required: + - item + - sucess + description: OK + '400': + $ref: '#/components/responses/Fleet_error' + summary: Update package policy by ID + tags: + - Fleet package policies + /api/fleet/package_policies/delete: + post: + operationId: post-delete-package-policy + parameters: + - $ref: '#/components/parameters/Fleet_kbn_xsrf' + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + force: + type: boolean + packagePolicyIds: + items: + type: string + type: array + required: + - packagePolicyIds + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + items: + type: object + properties: + id: + type: string + name: + type: string + success: + type: boolean + required: + - id + - success + type: array + description: OK + '400': + $ref: '#/components/responses/Fleet_error' + summary: Delete package policy + tags: + - Fleet package policies + /api/fleet/package_policies/upgrade: + post: + operationId: upgrade-package-policy + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + packagePolicyIds: + items: + type: string + type: array + required: + - packagePolicyIds + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + items: + type: object + properties: + id: + type: string + name: + type: string + success: + type: boolean + required: + - id + - success + type: array + description: OK + '400': + $ref: '#/components/responses/Fleet_error' + '409': + $ref: '#/components/responses/Fleet_error' + summary: Upgrade package policy to a newer package version + tags: + - Fleet package policies + /api/fleet/package_policies/upgrade/dryrun: + post: + operationId: upgrade-package-policy-dry-run + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + packagePolicyIds: + items: + type: string + type: array + packageVersion: + type: string + required: + - packagePolicyIds + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + items: + type: object + properties: + agent_diff: + $ref: '#/components/schemas/Fleet_upgrade_agent_diff' + diff: + $ref: '#/components/schemas/Fleet_upgrade_diff' + hasErrors: + type: boolean + required: + - hasErrors + type: array + description: OK + '400': + $ref: '#/components/responses/Fleet_error' + summary: Dry run package policy upgrade + tags: + - Fleet package policies + /api/fleet/proxies: + get: + operationId: get-fleet-proxies + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + items: + items: + $ref: '#/components/schemas/Fleet_proxies' + type: array + page: + type: integer + perPage: + type: integer + total: + type: integer + description: OK + '400': + $ref: '#/components/responses/Fleet_error' + summary: List proxies + tags: + - Fleet proxies + post: + operationId: post-fleet-proxies + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + certificate: + type: string + certificate_authorities: + type: string + certificate_key: + type: string + id: + type: string + name: + type: string + proxy_headers: + type: object + url: + type: string + required: + - name + - url + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + item: + $ref: '#/components/schemas/Fleet_proxies' + description: OK + '400': + $ref: '#/components/responses/Fleet_error' + summary: Create proxy + tags: + - Fleet proxies + /api/fleet/proxies/{itemId}: + delete: + operationId: delete-fleet-proxies + parameters: + - $ref: '#/components/parameters/Fleet_kbn_xsrf' + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + id: + type: string + required: + - id + description: OK + '400': + $ref: '#/components/responses/Fleet_error' + summary: Delete proxy by ID + tags: + - Fleet proxies + get: + operationId: get-one-fleet-proxies + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + item: + $ref: '#/components/schemas/Fleet_proxies' + required: + - item + description: OK + '400': + $ref: '#/components/responses/Fleet_error' + summary: Get proxy by ID + tags: + - Fleet proxies + parameters: + - in: path + name: itemId + required: true + schema: + type: string + put: + operationId: update-fleet-proxies + parameters: + - $ref: '#/components/parameters/Fleet_kbn_xsrf' + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + certificate: + type: string + certificate_authorities: + type: string + certificate_key: + type: string + name: + type: string + proxy_headers: + type: object + url: + type: string + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + item: + $ref: '#/components/schemas/Fleet_proxies' + required: + - item + description: OK + '400': + $ref: '#/components/responses/Fleet_error' + summary: Update proxy by ID + tags: + - Fleet proxies + /api/fleet/service_tokens: + post: + operationId: generate-service-token + parameters: + - $ref: '#/components/parameters/Fleet_kbn_xsrf' + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + name: + type: string + value: + type: string + description: OK + '400': + $ref: '#/components/responses/Fleet_error' + summary: Create service token + tags: + - Fleet service tokens + /api/fleet/service-tokens: + post: + deprecated: true + operationId: generate-service-token-deprecated + parameters: + - $ref: '#/components/parameters/Fleet_kbn_xsrf' + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + name: + type: string + value: + type: string + description: OK + '400': + $ref: '#/components/responses/Fleet_error' + summary: Create service token + tags: + - Fleet service tokens + /api/fleet/settings: + get: + operationId: get-settings + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Fleet_fleet_settings_response' + description: OK + '400': + $ref: '#/components/responses/Fleet_error' + summary: Get settings + tags: + - Fleet internals + put: + operationId: update-settings + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + additional_yaml_config: + type: string + fleet_server_hosts: + description: Protocol and path must be the same for each URL + items: + type: string + type: array + has_seen_add_data_notice: + type: boolean + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Fleet_fleet_settings_response' + description: OK + '400': + $ref: '#/components/responses/Fleet_error' + summary: Update settings + tags: + - Fleet internals + /api/fleet/setup: + post: + operationId: setup + parameters: + - $ref: '#/components/parameters/Fleet_kbn_xsrf' + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Fleet_fleet_setup_response' + description: OK + '400': + $ref: '#/components/responses/Fleet_error' + '500': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + message: + type: string + description: Internal Server Error + summary: Initiate Fleet setup + tags: + - Fleet internals + /api/fleet/uninstall_tokens: + get: + operationId: get-uninstall-tokens + parameters: + - description: The number of items to return + in: query + name: perPage + required: false + schema: + default: 20 + minimum: 5 + type: integer + - $ref: '#/components/parameters/Fleet_page_index' + - description: Partial match filtering for policy IDs + in: query + name: policyId + required: false + schema: + type: string + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + items: + items: + type: object + properties: + created_at: + type: string + id: + type: string + policy_id: + type: string + required: + - id + - policy_id + - created_at + type: array + page: + type: number + perPage: + type: number + total: + type: number + required: + - items + - total + - page + - perPage + description: OK + '400': + $ref: '#/components/responses/Fleet_error' + summary: List metadata for latest uninstall tokens per agent policy + tags: + - Fleet uninstall tokens + /api/fleet/uninstall_tokens/{uninstallTokenId}: + get: + operationId: get-uninstall-token + parameters: + - in: path + name: uninstallTokenId + required: true + schema: + type: string + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + item: + type: object + properties: + created_at: + type: string + id: + type: string + policy_id: + type: string + token: + type: string + required: + - id + - token + - policy_id + - created_at + required: + - item + description: OK + '400': + $ref: '#/components/responses/Fleet_error' + summary: Get one decrypted uninstall token by its ID + tags: + - Fleet uninstall tokens + /api/lists: + delete: + description: | + Delete a list using the list ID. + > info + > When you delete a list, all of its list items are also deleted. + operationId: DeleteList + parameters: + - description: List's `id` value + in: query + name: id + required: true + schema: + $ref: '#/components/schemas/Security_Solution_Lists_API_ListId' + - in: query + name: deleteReferences + required: false + schema: + default: false + type: boolean + - in: query + name: ignoreReferences + required: false + schema: + default: false + type: boolean + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Security_Solution_Lists_API_List' + description: Successful response + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + oneOf: + - $ref: >- + #/components/schemas/Security_Solution_Lists_API_PlatformErrorResponse + - $ref: >- + #/components/schemas/Security_Solution_Lists_API_SiemErrorResponse + description: Invalid input data response + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_PlatformErrorResponse + description: Unsuccessful authentication response + '403': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_PlatformErrorResponse + description: Not enough privileges response + '404': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_SiemErrorResponse + description: List not found response + '500': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_SiemErrorResponse + description: Internal server error response + summary: Delete a list + tags: + - Security Solution Lists API + get: + description: Get the details of a list using the list ID. + operationId: ReadList + parameters: + - description: List's `id` value + in: query + name: id + required: true + schema: + $ref: '#/components/schemas/Security_Solution_Lists_API_ListId' + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Security_Solution_Lists_API_List' + description: Successful response + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + oneOf: + - $ref: >- + #/components/schemas/Security_Solution_Lists_API_PlatformErrorResponse + - $ref: >- + #/components/schemas/Security_Solution_Lists_API_SiemErrorResponse + description: Invalid input data response + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_PlatformErrorResponse + description: Unsuccessful authentication response + '403': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_PlatformErrorResponse + description: Not enough privileges response + '404': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_SiemErrorResponse + description: List not found response + '500': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_SiemErrorResponse + description: Internal server error response + summary: Get list details + tags: + - Security Solution Lists API + patch: + description: Update specific fields of an existing list using the list ID. + operationId: PatchList + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + _version: + type: string + description: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_ListDescription + id: + $ref: '#/components/schemas/Security_Solution_Lists_API_ListId' + meta: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_ListMetadata + name: + $ref: '#/components/schemas/Security_Solution_Lists_API_ListName' + version: + minimum: 1 + type: integer + required: + - id + description: List's properties + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Security_Solution_Lists_API_List' + description: Successful response + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + oneOf: + - $ref: >- + #/components/schemas/Security_Solution_Lists_API_PlatformErrorResponse + - $ref: >- + #/components/schemas/Security_Solution_Lists_API_SiemErrorResponse + description: Invalid input data response + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_PlatformErrorResponse + description: Unsuccessful authentication response + '403': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_PlatformErrorResponse + description: Not enough privileges response + '404': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_SiemErrorResponse + description: List not found response + '500': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_SiemErrorResponse + description: Internal server error response + summary: Patch a list + tags: + - Security Solution Lists API + post: + description: Create a new list. + operationId: CreateList + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + description: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_ListDescription + deserializer: + type: string + id: + $ref: '#/components/schemas/Security_Solution_Lists_API_ListId' + meta: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_ListMetadata + name: + $ref: '#/components/schemas/Security_Solution_Lists_API_ListName' + serializer: + type: string + type: + $ref: '#/components/schemas/Security_Solution_Lists_API_ListType' + version: + default: 1 + minimum: 1 + type: integer + required: + - name + - description + - type + description: List's properties + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Security_Solution_Lists_API_List' + description: Successful response + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + oneOf: + - $ref: >- + #/components/schemas/Security_Solution_Lists_API_PlatformErrorResponse + - $ref: >- + #/components/schemas/Security_Solution_Lists_API_SiemErrorResponse + description: Invalid input data response + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_PlatformErrorResponse + description: Unsuccessful authentication response + '403': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_PlatformErrorResponse + description: Not enough privileges response + '409': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_SiemErrorResponse + description: List already exists response + '500': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_SiemErrorResponse + description: Internal server error response + summary: Create a list + tags: + - Security Solution Lists API + put: + description: > + Update a list using the list ID. The original list is replaced, and all + unspecified fields are deleted. + + > info + + > You cannot modify the `id` value. + operationId: UpdateList + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + _version: + type: string + description: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_ListDescription + id: + $ref: '#/components/schemas/Security_Solution_Lists_API_ListId' + meta: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_ListMetadata + name: + $ref: '#/components/schemas/Security_Solution_Lists_API_ListName' + version: + minimum: 1 + type: integer + required: + - id + - name + - description + description: List's properties + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Security_Solution_Lists_API_List' + description: Successful response + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + oneOf: + - $ref: >- + #/components/schemas/Security_Solution_Lists_API_PlatformErrorResponse + - $ref: >- + #/components/schemas/Security_Solution_Lists_API_SiemErrorResponse + description: Invalid input data response + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_PlatformErrorResponse + description: Unsuccessful authentication response + '403': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_PlatformErrorResponse + description: Not enough privileges response + '404': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_SiemErrorResponse + description: List not found response + '500': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_SiemErrorResponse + description: Internal server error response + summary: Update a list + tags: + - Security Solution Lists API + /api/lists/_find: + get: + description: >- + Get a paginated subset of lists. By default, the first page is returned, + with 20 results per page. + operationId: FindLists + parameters: + - description: The page number to return + in: query + name: page + required: false + schema: + type: integer + - description: The number of lists to return per page + in: query + name: per_page + required: false + schema: + type: integer + - description: Determines which field is used to sort the results + in: query + name: sort_field + required: false + schema: + $ref: '#/components/schemas/Security_Solution_Lists_API_NonEmptyString' + - description: Determines the sort order, which can be `desc` or `asc` + in: query + name: sort_order + required: false + schema: + enum: + - desc + - asc + type: string + - description: > + Returns the list that come after the last list returned in the + previous call + + (use the cursor value returned in the previous call). This parameter + uses + + the `tie_breaker_id` field to ensure all lists are sorted and + returned correctly. + in: query + name: cursor + required: false + schema: + $ref: '#/components/schemas/Security_Solution_Lists_API_FindListsCursor' + - description: > + Filters the returned results according to the value of the specified + field, + + using the : syntax. + in: query + name: filter + required: false + schema: + $ref: '#/components/schemas/Security_Solution_Lists_API_FindListsFilter' + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + cursor: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_FindListsCursor + data: + items: + $ref: '#/components/schemas/Security_Solution_Lists_API_List' + type: array + page: + minimum: 0 + type: integer + per_page: + minimum: 0 + type: integer + total: + minimum: 0 + type: integer + required: + - data + - page + - per_page + - total + - cursor + description: Successful response + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + oneOf: + - $ref: >- + #/components/schemas/Security_Solution_Lists_API_PlatformErrorResponse + - $ref: >- + #/components/schemas/Security_Solution_Lists_API_SiemErrorResponse + description: Invalid input data response + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_PlatformErrorResponse + description: Unsuccessful authentication response + '403': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_PlatformErrorResponse + description: Not enough privileges response + '500': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_SiemErrorResponse + description: Internal server error response + summary: Get lists + tags: + - Security Solution Lists API + /api/lists/index: + delete: + description: Delete the `.lists` and `.items` data streams. + operationId: DeleteListIndex + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + acknowledged: + type: boolean + required: + - acknowledged + description: Successful response + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + oneOf: + - $ref: >- + #/components/schemas/Security_Solution_Lists_API_PlatformErrorResponse + - $ref: >- + #/components/schemas/Security_Solution_Lists_API_SiemErrorResponse + description: Invalid input data response + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_PlatformErrorResponse + description: Unsuccessful authentication response + '403': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_PlatformErrorResponse + description: Not enough privileges response + '404': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_SiemErrorResponse + description: List data stream not found response + '500': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_SiemErrorResponse + description: Internal server error response + summary: Delete list data streams + tags: + - Security Solution Lists API + get: + description: Verify that `.lists` and `.items` data streams exist. + operationId: ReadListIndex + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + list_index: + type: boolean + list_item_index: + type: boolean + required: + - list_index + - list_item_index + description: Successful response + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + oneOf: + - $ref: >- + #/components/schemas/Security_Solution_Lists_API_PlatformErrorResponse + - $ref: >- + #/components/schemas/Security_Solution_Lists_API_SiemErrorResponse + description: Invalid input data response + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_PlatformErrorResponse + description: Unsuccessful authentication response + '403': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_PlatformErrorResponse + description: Not enough privileges response + '404': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_SiemErrorResponse + description: List data stream(s) not found response + '500': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_SiemErrorResponse + description: Internal server error response + summary: Get status of list data streams + tags: + - Security Solution Lists API + post: + description: Create `.lists` and `.items` data streams in the relevant space. + operationId: CreateListIndex + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + acknowledged: + type: boolean + required: + - acknowledged + description: Successful response + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + oneOf: + - $ref: >- + #/components/schemas/Security_Solution_Lists_API_PlatformErrorResponse + - $ref: >- + #/components/schemas/Security_Solution_Lists_API_SiemErrorResponse + description: Invalid input data response + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_PlatformErrorResponse + description: Unsuccessful authentication response + '403': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_PlatformErrorResponse + description: Not enough privileges response + '409': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_SiemErrorResponse + description: List data stream exists response + '500': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_SiemErrorResponse + description: Internal server error response + summary: Create list data streams + tags: + - Security Solution Lists API + /api/lists/items: + delete: + description: Delete a list item using its `id`, or its `list_id` and `value` fields. + operationId: DeleteListItem + parameters: + - description: Required if `list_id` and `value` are not specified + in: query + name: id + required: false + schema: + $ref: '#/components/schemas/Security_Solution_Lists_API_ListId' + - description: Required if `id` is not specified + in: query + name: list_id + required: false + schema: + $ref: '#/components/schemas/Security_Solution_Lists_API_ListId' + - description: Required if `id` is not specified + in: query + name: value + required: false + schema: + type: string + - description: >- + Determines when changes made by the request are made visible to + search + in: query + name: refresh + required: false + schema: + default: 'false' + enum: + - 'true' + - 'false' + - wait_for + type: string + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + oneOf: + - $ref: '#/components/schemas/Security_Solution_Lists_API_ListItem' + - items: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_ListItem + type: array + description: Successful response + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + oneOf: + - $ref: >- + #/components/schemas/Security_Solution_Lists_API_PlatformErrorResponse + - $ref: >- + #/components/schemas/Security_Solution_Lists_API_SiemErrorResponse + description: Invalid input data response + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_PlatformErrorResponse + description: Unsuccessful authentication response + '403': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_PlatformErrorResponse + description: Not enough privileges response + '404': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_SiemErrorResponse + description: List item not found response + '500': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_SiemErrorResponse + description: Internal server error response + summary: Delete a list item + tags: + - Security Solution Lists API + get: + description: Get the details of a list item. + operationId: ReadListItem + parameters: + - description: Required if `list_id` and `value` are not specified + in: query + name: id + required: false + schema: + $ref: '#/components/schemas/Security_Solution_Lists_API_ListId' + - description: Required if `id` is not specified + in: query + name: list_id + required: false + schema: + $ref: '#/components/schemas/Security_Solution_Lists_API_ListId' + - description: Required if `id` is not specified + in: query + name: value + required: false + schema: + type: string + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + oneOf: + - $ref: '#/components/schemas/Security_Solution_Lists_API_ListItem' + - items: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_ListItem + type: array + description: Successful response + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + oneOf: + - $ref: >- + #/components/schemas/Security_Solution_Lists_API_PlatformErrorResponse + - $ref: >- + #/components/schemas/Security_Solution_Lists_API_SiemErrorResponse + description: Invalid input data response + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_PlatformErrorResponse + description: Unsuccessful authentication response + '403': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_PlatformErrorResponse + description: Not enough privileges response + '404': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_SiemErrorResponse + description: List item not found response + '500': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_SiemErrorResponse + description: Internal server error response + summary: Get a list item + tags: + - Security Solution Lists API + patch: + description: Update specific fields of an existing list item using the list item ID. + operationId: PatchListItem + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + _version: + type: string + id: + $ref: '#/components/schemas/Security_Solution_Lists_API_ListItemId' + meta: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_ListItemMetadata + refresh: + description: >- + Determines when changes made by the request are made visible + to search + enum: + - 'true' + - 'false' + - wait_for + type: string + value: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_ListItemValue + required: + - id + description: List item's properties + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Security_Solution_Lists_API_ListItem' + description: Successful response + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + oneOf: + - $ref: >- + #/components/schemas/Security_Solution_Lists_API_PlatformErrorResponse + - $ref: >- + #/components/schemas/Security_Solution_Lists_API_SiemErrorResponse + description: Invalid input data response + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_PlatformErrorResponse + description: Unsuccessful authentication response + '403': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_PlatformErrorResponse + description: Not enough privileges response + '404': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_SiemErrorResponse + description: List item not found response + '500': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_SiemErrorResponse + description: Internal server error response + summary: Patch a list item + tags: + - Security Solution Lists API + post: + description: > + Create a list item and associate it with the specified list. + + + All list items in the same list must be the same type. For example, each + list item in an `ip` list must define a specific IP address. + + > info + + > Before creating a list item, you must create a list. + operationId: CreateListItem + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + id: + $ref: '#/components/schemas/Security_Solution_Lists_API_ListItemId' + list_id: + $ref: '#/components/schemas/Security_Solution_Lists_API_ListId' + meta: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_ListItemMetadata + refresh: + description: >- + Determines when changes made by the request are made visible + to search + enum: + - 'true' + - 'false' + - wait_for + type: string + value: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_ListItemValue + required: + - list_id + - value + description: List item's properties + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Security_Solution_Lists_API_ListItem' + description: Successful response + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + oneOf: + - $ref: >- + #/components/schemas/Security_Solution_Lists_API_PlatformErrorResponse + - $ref: >- + #/components/schemas/Security_Solution_Lists_API_SiemErrorResponse + description: Invalid input data response + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_PlatformErrorResponse + description: Unsuccessful authentication response + '403': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_PlatformErrorResponse + description: Not enough privileges response + '409': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_SiemErrorResponse + description: List item already exists response + '500': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_SiemErrorResponse + description: Internal server error response + summary: Create a list item + tags: + - Security Solution Lists API + put: + description: > + Update a list item using the list item ID. The original list item is + replaced, and all unspecified fields are deleted. + + > info + + > You cannot modify the `id` value. + operationId: UpdateListItem + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + _version: + type: string + id: + $ref: '#/components/schemas/Security_Solution_Lists_API_ListItemId' + meta: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_ListItemMetadata + value: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_ListItemValue + required: + - id + - value + description: List item's properties + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Security_Solution_Lists_API_ListItem' + description: Successful response + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + oneOf: + - $ref: >- + #/components/schemas/Security_Solution_Lists_API_PlatformErrorResponse + - $ref: >- + #/components/schemas/Security_Solution_Lists_API_SiemErrorResponse + description: Invalid input data response + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_PlatformErrorResponse + description: Unsuccessful authentication response + '403': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_PlatformErrorResponse + description: Not enough privileges response + '404': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_SiemErrorResponse + description: List item not found response + '500': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_SiemErrorResponse + description: Internal server error response + summary: Update a list item + tags: + - Security Solution Lists API + /api/lists/items/_export: + post: + description: Export list item values from the specified list. + operationId: ExportListItems + parameters: + - description: List's id to export + in: query + name: list_id + required: true + schema: + $ref: '#/components/schemas/Security_Solution_Lists_API_ListId' + responses: + '200': + content: + application/ndjson; Elastic-Api-Version=2023-10-31: + schema: + description: A `.txt` file containing list items from the specified list + format: binary + type: string + description: Successful response + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + oneOf: + - $ref: >- + #/components/schemas/Security_Solution_Lists_API_PlatformErrorResponse + - $ref: >- + #/components/schemas/Security_Solution_Lists_API_SiemErrorResponse + description: Invalid input data response + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_PlatformErrorResponse + description: Unsuccessful authentication response + '403': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_PlatformErrorResponse + description: Not enough privileges response + '404': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_SiemErrorResponse + description: List not found response + '500': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_SiemErrorResponse + description: Internal server error response + summary: Export list items + tags: + - Security Solution Lists API + /api/lists/items/_find: + get: + description: Get all list items in the specified list. + operationId: FindListItems + parameters: + - description: List's id + in: query + name: list_id + required: true + schema: + $ref: '#/components/schemas/Security_Solution_Lists_API_ListId' + - description: The page number to return + in: query + name: page + required: false + schema: + type: integer + - description: The number of list items to return per page + in: query + name: per_page + required: false + schema: + type: integer + - description: Determines which field is used to sort the results + in: query + name: sort_field + required: false + schema: + $ref: '#/components/schemas/Security_Solution_Lists_API_NonEmptyString' + - description: Determines the sort order, which can be `desc` or `asc` + in: query + name: sort_order + required: false + schema: + enum: + - desc + - asc + type: string + - description: > + Returns the list that come after the last list returned in the + previous call + + (use the cursor value returned in the previous call). This parameter + uses + + the `tie_breaker_id` field to ensure all lists are sorted and + returned correctly. + in: query + name: cursor + required: false + schema: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_FindListItemsCursor + - description: > + Filters the returned results according to the value of the specified + field, + + using the : syntax. + in: query + name: filter + required: false + schema: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_FindListItemsFilter + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + cursor: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_FindListItemsCursor + data: + items: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_ListItem + type: array + page: + minimum: 0 + type: integer + per_page: + minimum: 0 + type: integer + total: + minimum: 0 + type: integer + required: + - data + - page + - per_page + - total + - cursor + description: Successful response + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + oneOf: + - $ref: >- + #/components/schemas/Security_Solution_Lists_API_PlatformErrorResponse + - $ref: >- + #/components/schemas/Security_Solution_Lists_API_SiemErrorResponse + description: Invalid input data response + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_PlatformErrorResponse + description: Unsuccessful authentication response + '403': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_PlatformErrorResponse + description: Not enough privileges response + '500': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_SiemErrorResponse + description: Internal server error response + summary: Get list items + tags: + - Security Solution Lists API + /api/lists/items/_import: + post: + description: > + Import list items from a TXT or CSV file. The maximum file size is 9 + million bytes. + + + You can import items to a new or existing list. + operationId: ImportListItems + parameters: + - description: | + List's id. + + Required when importing to an existing list. + in: query + name: list_id + required: false + schema: + $ref: '#/components/schemas/Security_Solution_Lists_API_ListId' + - description: > + Type of the importing list. + + + Required when importing a new list that is `list_id` is not + specified. + in: query + name: type + required: false + schema: + $ref: '#/components/schemas/Security_Solution_Lists_API_ListType' + - in: query + name: serializer + required: false + schema: + type: string + - in: query + name: deserializer + required: false + schema: + type: string + - description: >- + Determines when changes made by the request are made visible to + search + in: query + name: refresh + required: false + schema: + enum: + - 'true' + - 'false' + - wait_for + type: string + requestBody: + content: + multipart/form-data; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + file: + description: >- + A `.txt` or `.csv` file containing newline separated list + items + format: binary + type: string + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Security_Solution_Lists_API_List' + description: Successful response + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + oneOf: + - $ref: >- + #/components/schemas/Security_Solution_Lists_API_PlatformErrorResponse + - $ref: >- + #/components/schemas/Security_Solution_Lists_API_SiemErrorResponse + description: Invalid input data response + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_PlatformErrorResponse + description: Unsuccessful authentication response + '403': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_PlatformErrorResponse + description: Not enough privileges response + '409': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_SiemErrorResponse + description: List with specified list_id does not exist response + '500': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_SiemErrorResponse + description: Internal server error response + summary: Import list items + tags: + - Security Solution Lists API + /api/lists/privileges: + get: + operationId: ReadListPrivileges + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + is_authenticated: + type: boolean + listItems: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_ListItemPrivileges + lists: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_ListPrivileges + required: + - lists + - listItems + - is_authenticated + description: Successful response + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + oneOf: + - $ref: >- + #/components/schemas/Security_Solution_Lists_API_PlatformErrorResponse + - $ref: >- + #/components/schemas/Security_Solution_Lists_API_SiemErrorResponse + description: Invalid input data response + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_PlatformErrorResponse + description: Unsuccessful authentication response + '403': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_PlatformErrorResponse + description: Not enough privileges response + '500': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Lists_API_SiemErrorResponse + description: Internal server error response + summary: Get list privileges + tags: + - Security Solution Lists API + /api/ml/saved_objects/sync: + get: + description: > + Synchronizes Kibana saved objects for machine learning jobs and trained + models in the default space. You must have `all` privileges for the + **Machine Learning** feature in the **Analytics** section of the Kibana + feature privileges. This API runs automatically when you start Kibana + and periodically thereafter. + operationId: mlSync + parameters: + - $ref: '#/components/parameters/Machine_learning_APIs_simulateParam' + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + examples: + syncExample: + $ref: '#/components/examples/Machine_learning_APIs_mlSyncExample' + schema: + $ref: '#/components/schemas/Machine_learning_APIs_mlSync200Response' + description: Indicates a successful call + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Machine_learning_APIs_mlSync4xxResponse' + description: Authorization information is missing or invalid. + summary: Sync saved objects in the default space + tags: + - ml + /api/note: + delete: + description: Delete a note from a Timeline using the note ID. + operationId: DeleteNote + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + oneOf: + - nullable: true + type: object + properties: + noteId: + type: string + required: + - noteId + - type: object + properties: + noteIds: + items: + type: string + nullable: true + type: array + required: + - noteIds + description: The ID of the note to delete. + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + data: + type: object + description: Indicates the note was successfully deleted. + summary: Delete a note + tags: + - Security Solution Timeline API + - access:securitySolution + get: + description: Get all notes for a given document. + operationId: GetNotes + parameters: + - in: query + name: documentIds + required: true + schema: + $ref: '#/components/schemas/Security_Solution_Timeline_API_DocumentIds' + - in: query + name: page + schema: + nullable: true + type: number + - in: query + name: perPage + schema: + nullable: true + type: number + - in: query + name: search + schema: + nullable: true + type: string + - in: query + name: sortField + schema: + nullable: true + type: string + - in: query + name: sortOrder + schema: + nullable: true + type: string + - in: query + name: filter + schema: + nullable: true + type: string + responses: + '200': + description: Indicates the requested notes were returned. + summary: Get notes + tags: + - Security Solution Timeline API + - access:securitySolution + patch: + description: Add a note to a Timeline or update an existing note. + operationId: PersistNoteRoute + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + eventDataView: + nullable: true + type: string + eventIngested: + nullable: true + type: string + eventTimestamp: + nullable: true + type: string + note: + $ref: '#/components/schemas/Security_Solution_Timeline_API_BareNote' + noteId: + nullable: true + type: string + overrideOwner: + nullable: true + type: boolean + version: + nullable: true + type: string + required: + - note + description: The note to add or update, along with additional metadata. + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + data: + type: object + properties: + persistNote: + type: object + properties: + code: + type: number + message: + type: string + note: + $ref: >- + #/components/schemas/Security_Solution_Timeline_API_Note + required: + - code + - message + - note + required: + - persistNote + required: + - data + description: Indicates the note was successfully created. + summary: Add or update a note + tags: + - Security Solution Timeline API + - access:securitySolution + /api/osquery/live_queries: + get: + description: Get a list of all live queries. + operationId: OsqueryFindLiveQueries + parameters: + - in: query + name: query + required: true + schema: + $ref: >- + #/components/schemas/Security_Solution_Osquery_API_FindLiveQueryRequestQuery + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Osquery_API_DefaultSuccessResponse + description: OK + summary: Get live queries + tags: + - Security Solution Osquery API + post: + description: Create and run a live query. + operationId: OsqueryCreateLiveQuery + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Osquery_API_CreateLiveQueryRequestBody + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Osquery_API_DefaultSuccessResponse + description: OK + summary: Create a live query + tags: + - Security Solution Osquery API + /api/osquery/live_queries/{id}: + get: + description: Get the details of a live query using the query ID. + operationId: OsqueryGetLiveQueryDetails + parameters: + - in: path + name: id + required: true + schema: + $ref: '#/components/schemas/Security_Solution_Osquery_API_Id' + - in: query + name: query + schema: + additionalProperties: true + type: object + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Osquery_API_DefaultSuccessResponse + description: OK + summary: Get live query details + tags: + - Security Solution Osquery API + /api/osquery/live_queries/{id}/results/{actionId}: + get: + description: Get the results of a live query using the query action ID. + operationId: OsqueryGetLiveQueryResults + parameters: + - in: path + name: id + required: true + schema: + $ref: '#/components/schemas/Security_Solution_Osquery_API_Id' + - in: path + name: actionId + required: true + schema: + $ref: '#/components/schemas/Security_Solution_Osquery_API_Id' + - in: query + name: query + required: true + schema: + $ref: >- + #/components/schemas/Security_Solution_Osquery_API_GetLiveQueryResultsRequestQuery + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Osquery_API_DefaultSuccessResponse + description: OK + summary: Get live query results + tags: + - Security Solution Osquery API + /api/osquery/packs: + get: + description: Get a list of all query packs. + operationId: OsqueryFindPacks + parameters: + - in: query + name: query + required: true + schema: + $ref: >- + #/components/schemas/Security_Solution_Osquery_API_FindPacksRequestQuery + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Osquery_API_DefaultSuccessResponse + description: OK + summary: Get packs + tags: + - Security Solution Osquery API + post: + description: Create a query pack. + operationId: OsqueryCreatePacks + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Osquery_API_CreatePacksRequestBody + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Osquery_API_DefaultSuccessResponse + description: OK + summary: Create a pack + tags: + - Security Solution Osquery API + /api/osquery/packs/{id}: + delete: + description: Delete a query pack using the pack ID. + operationId: OsqueryDeletePacks + parameters: + - in: path + name: id + required: true + schema: + $ref: '#/components/schemas/Security_Solution_Osquery_API_PackId' + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Osquery_API_DefaultSuccessResponse + description: OK + summary: Delete a pack + tags: + - Security Solution Osquery API + get: + description: Get the details of a query pack using the pack ID. + operationId: OsqueryGetPacksDetails + parameters: + - in: path + name: id + required: true + schema: + $ref: '#/components/schemas/Security_Solution_Osquery_API_PackId' + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Osquery_API_DefaultSuccessResponse + description: OK + summary: Get pack details + tags: + - Security Solution Osquery API + put: + description: | + Update a query pack using the pack ID. + > info + > You cannot update a prebuilt pack. + operationId: OsqueryUpdatePacks + parameters: + - in: path + name: id + required: true + schema: + $ref: '#/components/schemas/Security_Solution_Osquery_API_PackId' + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Osquery_API_UpdatePacksRequestBody + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Osquery_API_DefaultSuccessResponse + description: OK + summary: Update a pack + tags: + - Security Solution Osquery API + /api/osquery/saved_queries: + get: + description: Get a list of all saved queries. + operationId: OsqueryFindSavedQueries + parameters: + - in: query + name: query + required: true + schema: + $ref: >- + #/components/schemas/Security_Solution_Osquery_API_FindSavedQueryRequestQuery + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Osquery_API_DefaultSuccessResponse + description: OK + summary: Get saved queries + tags: + - Security Solution Osquery API + post: + description: Create and run a saved query. + operationId: OsqueryCreateSavedQuery + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Osquery_API_CreateSavedQueryRequestBody + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Osquery_API_DefaultSuccessResponse + description: OK + summary: Create a saved query + tags: + - Security Solution Osquery API + /api/osquery/saved_queries/{id}: + delete: + description: Delete a saved query using the query ID. + operationId: OsqueryDeleteSavedQuery + parameters: + - in: path + name: id + required: true + schema: + $ref: '#/components/schemas/Security_Solution_Osquery_API_SavedQueryId' + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Osquery_API_DefaultSuccessResponse + description: OK + summary: Delete a saved query + tags: + - Security Solution Osquery API + get: + description: Get the details of a saved query using the query ID. + operationId: OsqueryGetSavedQueryDetails + parameters: + - in: path + name: id + required: true + schema: + $ref: '#/components/schemas/Security_Solution_Osquery_API_SavedQueryId' + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Osquery_API_DefaultSuccessResponse + description: OK + summary: Get saved query details + tags: + - Security Solution Osquery API + put: + description: | + Update a saved query using the query ID. + > info + > You cannot update a prebuilt saved query. + operationId: OsqueryUpdateSavedQuery + parameters: + - in: path + name: id + required: true + schema: + $ref: '#/components/schemas/Security_Solution_Osquery_API_SavedQueryId' + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Osquery_API_UpdateSavedQueryRequestBody + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Osquery_API_DefaultSuccessResponse + description: OK + summary: Update a saved query + tags: + - Security Solution Osquery API + /api/pinned_event: + patch: + description: Pin an event to an existing Timeline. + operationId: PersistPinnedEventRoute + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + eventId: + type: string + pinnedEventId: + nullable: true + type: string + timelineId: + type: string + required: + - eventId + - timelineId + description: The pinned event to add or update, along with additional metadata. + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + data: + type: object + properties: + persistPinnedEventOnTimeline: + allOf: + - $ref: >- + #/components/schemas/Security_Solution_Timeline_API_PinnedEvent + - type: object + properties: + code: + type: number + message: + type: string + required: + - persistPinnedEventOnTimeline + required: + - data + description: Indicates the event was successfully pinned to the Timeline. + summary: Pin an event + tags: + - Security Solution Timeline API + - access:securitySolution + /api/risk_score/engine/schedule_now: + post: + description: >- + Schedule the risk scoring engine to run as soon as possible. You can use + this to recalculate entity risk scores after updating their asset + criticality. + operationId: ScheduleRiskEngineNow + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: {} + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Entity_Analytics_API_RiskEngineScheduleNowResponse + description: Successful response + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Entity_Analytics_API_TaskManagerUnavailableResponse + description: Task manager is unavailable + default: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_Solution_Entity_Analytics_API_RiskEngineScheduleNowErrorResponse + description: Unexpected error + summary: Run the risk scoring engine + tags: + - Security Solution Entity Analytics API + /api/saved_objects/_bulk_create: + post: + deprecated: true + operationId: bulkCreateSavedObjects + parameters: + - $ref: '#/components/parameters/Saved_objects_kbn_xsrf' + - description: When true, overwrites the document with the same identifier. + in: query + name: overwrite + schema: + type: boolean + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + items: + type: object + type: array + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + description: Indicates a successful call. + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Saved_objects_400_response' + description: Bad request + summary: Create saved objects + tags: + - saved objects + /api/saved_objects/_bulk_delete: + post: + deprecated: true + description: | + WARNING: When you delete a saved object, it cannot be recovered. + operationId: bulkDeleteSavedObjects + parameters: + - $ref: '#/components/parameters/Saved_objects_kbn_xsrf' + - description: > + When true, force delete objects that exist in multiple namespaces. + Note that the option applies to the whole request. Use the delete + object API to specify per-object deletion behavior. TIP: Use this if + you attempted to delete objects and received an HTTP 400 error with + the following message: "Unable to delete saved object that exists in + multiple namespaces, use the force option to delete it anyway". + WARNING: When you bulk delete objects that exist in multiple + namespaces, the API also deletes legacy url aliases that reference + the object. These requests are batched to minimise the impact but + they can place a heavy load on Kibana. Make sure you limit the + number of objects that exist in multiple namespaces in a single bulk + delete operation. + in: query + name: force + schema: + type: boolean + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + items: + type: object + type: array + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + description: > + Indicates a successful call. NOTE: This HTTP response code indicates + that the bulk operation succeeded. Errors pertaining to individual + objects will be returned in the response body. + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Saved_objects_400_response' + description: Bad request + summary: Delete saved objects + tags: + - saved objects + /api/saved_objects/_bulk_get: + post: + deprecated: true + operationId: bulkGetSavedObjects + parameters: + - $ref: '#/components/parameters/Saved_objects_kbn_xsrf' + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + items: + type: object + type: array + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + description: Indicates a successful call. + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Saved_objects_400_response' + description: Bad request + summary: Get saved objects + tags: + - saved objects + /api/saved_objects/_bulk_resolve: + post: + deprecated: true + description: > + Retrieve multiple Kibana saved objects by identifier using any legacy + URL aliases if they exist. Under certain circumstances when Kibana is + upgraded, saved object migrations may necessitate regenerating some + object IDs to enable new features. When an object's ID is regenerated, a + legacy URL alias is created for that object, preserving its old ID. In + such a scenario, that object can be retrieved by the bulk resolve API + using either its new ID or its old ID. + operationId: bulkResolveSavedObjects + parameters: + - $ref: '#/components/parameters/Saved_objects_kbn_xsrf' + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + items: + type: object + type: array + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + description: > + Indicates a successful call. NOTE: This HTTP response code indicates + that the bulk operation succeeded. Errors pertaining to individual + objects will be returned in the response body. + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Saved_objects_400_response' + description: Bad request + summary: Resolve saved objects + tags: + - saved objects + /api/saved_objects/_bulk_update: + post: + deprecated: true + description: Update the attributes for multiple Kibana saved objects. + operationId: bulkUpdateSavedObjects + parameters: + - $ref: '#/components/parameters/Saved_objects_kbn_xsrf' + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + items: + type: object + type: array + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + description: > + Indicates a successful call. NOTE: This HTTP response code indicates + that the bulk operation succeeded. Errors pertaining to individual + objects will be returned in the response body. + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Saved_objects_400_response' + description: Bad request + summary: Update saved objects + tags: + - saved objects + /api/saved_objects/_export: + post: + description: > + Retrieve sets of saved objects that you want to import into Kibana. + + You must include `type` or `objects` in the request body. + + + Exported saved objects are not backwards compatible and cannot be + imported into an older version of Kibana. + + + NOTE: The `savedObjects.maxImportExportSize` configuration setting + limits the number of saved objects which may be exported. + + + This functionality is in technical preview and may be changed or removed + in a future release. Elastic will work to fix any issues, but features + in technical preview are not subject to the support SLA of official GA + features. + operationId: exportSavedObjectsDefault + parameters: + - $ref: '#/components/parameters/Saved_objects_kbn_xsrf' + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + examples: + exportSavedObjectsRequest: + $ref: '#/components/examples/Saved_objects_export_objects_request' + schema: + type: object + properties: + excludeExportDetails: + default: false + description: Do not add export details entry at the end of the stream. + type: boolean + includeReferencesDeep: + description: >- + Includes all of the referenced objects in the exported + objects. + type: boolean + objects: + description: A list of objects to export. + items: + type: object + type: array + type: + description: >- + The saved object types to include in the export. Use `*` to + export all the types. + oneOf: + - type: string + - items: + type: string + type: array + required: true + responses: + '200': + content: + application/x-ndjson; Elastic-Api-Version=2023-10-31: + examples: + exportSavedObjectsResponse: + $ref: '#/components/examples/Saved_objects_export_objects_response' + schema: + additionalProperties: true + type: object + description: Indicates a successful call. + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Saved_objects_400_response' + description: Bad request. + summary: Export saved objects + tags: + - saved objects + /api/saved_objects/_find: + get: + deprecated: true + description: Retrieve a paginated set of Kibana saved objects. + operationId: findSavedObjects + parameters: + - description: > + An aggregation structure, serialized as a string. The field format + is similar to filter, meaning that to use a saved object type + attribute in the aggregation, the `savedObjectType.attributes.title: + "myTitle"` format must be used. For root fields, the syntax is + `savedObjectType.rootField`. NOTE: As objects change in Kibana, the + results on each page of the response also change. Use the find API + for traditional paginated results, but avoid using it to export + large amounts of data. + in: query + name: aggs + schema: + type: string + - description: The default operator to use for the `simple_query_string`. + in: query + name: default_search_operator + schema: + type: string + - description: The fields to return in the attributes key of the response. + in: query + name: fields + schema: + oneOf: + - type: string + - type: array + - description: > + The filter is a KQL string with the caveat that if you filter with + an attribute from your saved object type, it should look like that: + `savedObjectType.attributes.title: "myTitle"`. However, if you use a + root attribute of a saved object such as `updated_at`, you will have + to define your filter like that: `savedObjectType.updated_at > + 2018-12-22`. + in: query + name: filter + schema: + type: string + - description: >- + Filters to objects that do not have a relationship with the type and + identifier combination. + in: query + name: has_no_reference + schema: + type: object + - description: >- + The operator to use for the `has_no_reference` parameter. Either + `OR` or `AND`. Defaults to `OR`. + in: query + name: has_no_reference_operator + schema: + type: string + - description: >- + Filters to objects that have a relationship with the type and ID + combination. + in: query + name: has_reference + schema: + type: object + - description: >- + The operator to use for the `has_reference` parameter. Either `OR` + or `AND`. Defaults to `OR`. + in: query + name: has_reference_operator + schema: + type: string + - description: The page of objects to return. + in: query + name: page + schema: + type: integer + - description: The number of objects to return per page. + in: query + name: per_page + schema: + type: integer + - description: >- + An Elasticsearch `simple_query_string` query that filters the + objects in the response. + in: query + name: search + schema: + type: string + - description: >- + The fields to perform the `simple_query_string` parsed query + against. + in: query + name: search_fields + schema: + oneOf: + - type: string + - type: array + - description: > + Sorts the response. Includes "root" and "type" fields. "root" fields + exist for all saved objects, such as "updated_at". "type" fields are + specific to an object type, such as fields returned in the + attributes key of the response. When a single type is defined in the + type parameter, the "root" and "type" fields are allowed, and + validity checks are made in that order. When multiple types are + defined in the type parameter, only "root" fields are allowed. + in: query + name: sort_field + schema: + type: string + - description: The saved object types to include. + in: query + name: type + required: true + schema: + oneOf: + - type: string + - type: array + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + description: Indicates a successful call. + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Saved_objects_400_response' + description: Bad request + summary: Search for saved objects + tags: + - saved objects + /api/saved_objects/_import: + post: + description: > + Create sets of Kibana saved objects from a file created by the export + API. + + Saved objects can be imported only into the same version, a newer minor + on the same major, or the next major. Exported saved objects are not + backwards compatible and cannot be imported into an older version of + Kibana. + + + This functionality is in technical preview and may be changed or removed + in a future release. Elastic will work to fix any issues, but features + in technical preview are not subject to the support SLA of official GA + features. + operationId: importSavedObjectsDefault + parameters: + - $ref: '#/components/parameters/Saved_objects_kbn_xsrf' + - description: > + Creates copies of saved objects, regenerates each object ID, and + resets the origin. When used, potential conflict errors are avoided. + NOTE: This option cannot be used with the `overwrite` and + `compatibilityMode` options. + in: query + name: createNewCopies + required: false + schema: + type: boolean + - description: > + Overwrites saved objects when they already exist. When used, + potential conflict errors are automatically resolved by overwriting + the destination object. NOTE: This option cannot be used with the + `createNewCopies` option. + in: query + name: overwrite + required: false + schema: + type: boolean + - description: > + Applies various adjustments to the saved objects that are being + imported to maintain compatibility between different Kibana + versions. Use this option only if you encounter issues with imported + saved objects. NOTE: This option cannot be used with the + `createNewCopies` option. + in: query + name: compatibilityMode + required: false + schema: + type: boolean + requestBody: + content: + multipart/form-data; Elastic-Api-Version=2023-10-31: + examples: + importObjectsRequest: + $ref: '#/components/examples/Saved_objects_import_objects_request' + schema: + type: object + properties: + file: + description: > + A file exported using the export API. NOTE: The + `savedObjects.maxImportExportSize` configuration setting + limits the number of saved objects which may be included in + this file. Similarly, the + `savedObjects.maxImportPayloadBytes` setting limits the + overall size of the file that can be imported. + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + examples: + importObjectsResponse: + $ref: '#/components/examples/Saved_objects_import_objects_response' + schema: + type: object + properties: + errors: + description: > + Indicates the import was unsuccessful and specifies the + objects that failed to import. + + + NOTE: One object may result in multiple errors, which + requires separate steps to resolve. For instance, a + `missing_references` error and conflict error. + items: + type: object + type: array + success: + description: > + Indicates when the import was successfully completed. When + set to false, some objects may not have been created. For + additional information, refer to the `errors` and + `successResults` properties. + type: boolean + successCount: + description: Indicates the number of successfully imported records. + type: integer + successResults: + description: > + Indicates the objects that are successfully imported, with + any metadata if applicable. + + + NOTE: Objects are created only when all resolvable errors + are addressed, including conflicts and missing references. + If objects are created as new copies, each entry in the + `successResults` array includes a `destinationId` + attribute. + items: + type: object + type: array + description: Indicates a successful call. + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Saved_objects_400_response' + description: Bad request. + summary: Import saved objects + tags: + - saved objects + x-codeSamples: + - label: Import with createNewCopies + lang: cURL + source: | + curl \ + -X POST api/saved_objects/_import?createNewCopies=true + -H "kbn-xsrf: true" + --form file=@file.ndjson + /api/saved_objects/_resolve_import_errors: + post: + description: > + To resolve errors from the Import objects API, you can: + + + * Retry certain saved objects + + * Overwrite specific saved objects + + * Change references to different saved objects + + + This functionality is in technical preview and may be changed or removed + in a future release. Elastic will work to fix any issues, but features + in technical preview are not subject to the support SLA of official GA + features. + operationId: resolveImportErrors + parameters: + - $ref: '#/components/parameters/Saved_objects_kbn_xsrf' + - description: > + Applies various adjustments to the saved objects that are being + imported to maintain compatibility between different Kibana + versions. When enabled during the initial import, also enable when + resolving import errors. This option cannot be used with the + `createNewCopies` option. + in: query + name: compatibilityMode + required: false + schema: + type: boolean + - description: > + Creates copies of the saved objects, regenerates each object ID, and + resets the origin. When enabled during the initial import, also + enable when resolving import errors. + in: query + name: createNewCopies + required: false + schema: + type: boolean + requestBody: + content: + multipart/form-data; Elastic-Api-Version=2023-10-31: + examples: + resolveImportErrorsRequest: + $ref: >- + #/components/examples/Saved_objects_resolve_missing_reference_request + schema: + type: object + properties: + file: + description: The same file given to the import API. + format: binary + type: string + retries: + description: >- + The retry operations, which can specify how to resolve + different types of errors. + items: + type: object + properties: + destinationId: + description: >- + Specifies the destination ID that the imported object + should have, if different from the current ID. + type: string + id: + description: The saved object ID. + type: string + ignoreMissingReferences: + description: >- + When set to `true`, ignores missing reference errors. + When set to `false`, does nothing. + type: boolean + overwrite: + description: >- + When set to `true`, the source object overwrites the + conflicting destination object. When set to `false`, + does nothing. + type: boolean + replaceReferences: + description: >- + A list of `type`, `from`, and `to` used to change the + object references. + items: + type: object + properties: + from: + type: string + to: + type: string + type: + type: string + type: array + type: + description: The saved object type. + type: string + required: + - type + - id + type: array + required: + - retries + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + examples: + resolveImportErrorsResponse: + $ref: >- + #/components/examples/Saved_objects_resolve_missing_reference_response + schema: + type: object + properties: + errors: + description: > + Specifies the objects that failed to resolve. + + + NOTE: One object can result in multiple errors, which + requires separate steps to resolve. For instance, a + `missing_references` error and a `conflict` error. + items: + type: object + type: array + success: + description: > + Indicates a successful import. When set to `false`, some + objects may not have been created. For additional + information, refer to the `errors` and `successResults` + properties. + type: boolean + successCount: + description: | + Indicates the number of successfully resolved records. + type: number + successResults: + description: > + Indicates the objects that are successfully imported, with + any metadata if applicable. + + + NOTE: Objects are only created when all resolvable errors + are addressed, including conflict and missing references. + items: + type: object + type: array + description: Indicates a successful call. + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Saved_objects_400_response' + description: Bad request. + summary: Resolve import errors + tags: + - saved objects + /api/saved_objects/{type}: + post: + deprecated: true + description: Create a Kibana saved object with a randomly generated identifier. + operationId: createSavedObject + parameters: + - $ref: '#/components/parameters/Saved_objects_kbn_xsrf' + - $ref: '#/components/parameters/Saved_objects_saved_object_type' + - description: If true, overwrites the document with the same identifier. + in: query + name: overwrite + schema: + type: boolean + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + attributes: + $ref: '#/components/schemas/Saved_objects_attributes' + initialNamespaces: + $ref: '#/components/schemas/Saved_objects_initial_namespaces' + references: + $ref: '#/components/schemas/Saved_objects_references' + required: + - attributes + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + description: Indicates a successful call. + '409': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + description: Indicates a conflict error. + summary: Create a saved object + tags: + - saved objects + /api/saved_objects/{type}/{id}: + get: + deprecated: true + description: Retrieve a single Kibana saved object by identifier. + operationId: getSavedObject + parameters: + - $ref: '#/components/parameters/Saved_objects_saved_object_id' + - $ref: '#/components/parameters/Saved_objects_saved_object_type' + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + description: Indicates a successful call. + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Saved_objects_400_response' + description: Bad request. + summary: Get a saved object + tags: + - saved objects + post: + deprecated: true + description: >- + Create a Kibana saved object and specify its identifier instead of using + a randomly generated ID. + operationId: createSavedObjectId + parameters: + - $ref: '#/components/parameters/Saved_objects_kbn_xsrf' + - $ref: '#/components/parameters/Saved_objects_saved_object_id' + - $ref: '#/components/parameters/Saved_objects_saved_object_type' + - description: If true, overwrites the document with the same identifier. + in: query + name: overwrite + schema: + type: boolean + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + attributes: + $ref: '#/components/schemas/Saved_objects_attributes' + initialNamespaces: + $ref: '#/components/schemas/Saved_objects_initial_namespaces' + references: + $ref: '#/components/schemas/Saved_objects_initial_namespaces' + required: + - attributes + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + description: Indicates a successful call. + '409': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + description: Indicates a conflict error. + summary: Create a saved object + tags: + - saved objects + put: + deprecated: true + description: Update the attributes for Kibana saved objects. + operationId: updateSavedObject + parameters: + - $ref: '#/components/parameters/Saved_objects_kbn_xsrf' + - $ref: '#/components/parameters/Saved_objects_saved_object_id' + - $ref: '#/components/parameters/Saved_objects_saved_object_type' + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + description: Indicates a successful call. + '404': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + description: Indicates the object was not found. + '409': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + description: Indicates a conflict error. + summary: Update a saved object + tags: + - saved objects + /api/saved_objects/resolve/{type}/{id}: + get: + deprecated: true + description: > + Retrieve a single Kibana saved object by identifier using any legacy URL + alias if it exists. Under certain circumstances, when Kibana is + upgraded, saved object migrations may necessitate regenerating some + object IDs to enable new features. When an object's ID is regenerated, a + legacy URL alias is created for that object, preserving its old ID. In + such a scenario, that object can be retrieved using either its new ID or + its old ID. + operationId: resolveSavedObject + parameters: + - $ref: '#/components/parameters/Saved_objects_saved_object_id' + - $ref: '#/components/parameters/Saved_objects_saved_object_type' + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + description: Indicates a successful call. + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Saved_objects_400_response' + description: Bad request. + summary: Resolve a saved object + tags: + - saved objects + /api/security_ai_assistant/anonymization_fields/_bulk_action: + post: + description: >- + Apply a bulk action to multiple anonymization fields. The bulk action is + applied to all anonymization fields that match the filter or to the list + of anonymization fields by their IDs. + operationId: PerformAnonymizationFieldsBulkAction + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + create: + items: + $ref: >- + #/components/schemas/Security_AI_Assistant_API_AnonymizationFieldCreateProps + type: array + delete: + type: object + properties: + ids: + description: Array of anonymization fields IDs + items: + type: string + minItems: 1 + type: array + query: + description: Query to filter anonymization fields + type: string + update: + items: + $ref: >- + #/components/schemas/Security_AI_Assistant_API_AnonymizationFieldUpdateProps + type: array + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_AI_Assistant_API_AnonymizationFieldsBulkCrudActionResponse + description: Indicates a successful call. + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: number + description: Generic Error + summary: Apply a bulk action to anonymization fields + tags: + - Security AI Assistant API + - Bulk API + /api/security_ai_assistant/anonymization_fields/_find: + get: + description: Get a list of all anonymization fields. + operationId: FindAnonymizationFields + parameters: + - in: query + name: fields + required: false + schema: + items: + type: string + type: array + - description: Search query + in: query + name: filter + required: false + schema: + type: string + - description: Field to sort by + in: query + name: sort_field + required: false + schema: + $ref: >- + #/components/schemas/Security_AI_Assistant_API_FindAnonymizationFieldsSortField + - description: Sort order + in: query + name: sort_order + required: false + schema: + $ref: '#/components/schemas/Security_AI_Assistant_API_SortOrder' + - description: Page number + in: query + name: page + required: false + schema: + default: 1 + minimum: 1 + type: integer + - description: AnonymizationFields per page + in: query + name: per_page + required: false + schema: + default: 20 + minimum: 0 + type: integer + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + data: + items: + $ref: >- + #/components/schemas/Security_AI_Assistant_API_AnonymizationFieldResponse + type: array + page: + type: integer + perPage: + type: integer + total: + type: integer + required: + - page + - perPage + - total + - data + description: Successful response + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: number + description: Generic Error + summary: Get anonymization fields + tags: + - Security AI Assistant API + - AnonymizationFields API + /api/security_ai_assistant/chat/complete: + post: + description: Create a model response for the given chat conversation. + operationId: ChatComplete + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/Security_AI_Assistant_API_ChatCompleteProps' + required: true + responses: + '200': + content: + application/octet-stream; Elastic-Api-Version=2023-10-31: + schema: + format: binary + type: string + description: Indicates a successful call. + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: number + description: Generic Error + summary: Create a model response + tags: + - Security AI Assistant API + - Chat Complete API + /api/security_ai_assistant/current_user/conversations: + post: + description: Create a new Security AI Assistant conversation. + operationId: CreateConversation + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_AI_Assistant_API_ConversationCreateProps + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_AI_Assistant_API_ConversationResponse + description: Indicates a successful call. + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: number + description: Generic Error + summary: Create a conversation + tags: + - Security AI Assistant API + - Conversation API + /api/security_ai_assistant/current_user/conversations/_find: + get: + description: Get a list of all conversations for the current user. + operationId: FindConversations + parameters: + - in: query + name: fields + required: false + schema: + items: + type: string + type: array + - description: Search query + in: query + name: filter + required: false + schema: + type: string + - description: Field to sort by + in: query + name: sort_field + required: false + schema: + $ref: >- + #/components/schemas/Security_AI_Assistant_API_FindConversationsSortField + - description: Sort order + in: query + name: sort_order + required: false + schema: + $ref: '#/components/schemas/Security_AI_Assistant_API_SortOrder' + - description: Page number + in: query + name: page + required: false + schema: + default: 1 + minimum: 1 + type: integer + - description: Conversations per page + in: query + name: per_page + required: false + schema: + default: 20 + minimum: 0 + type: integer + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + data: + items: + $ref: >- + #/components/schemas/Security_AI_Assistant_API_ConversationResponse + type: array + page: + type: integer + perPage: + type: integer + total: + type: integer + required: + - page + - perPage + - total + - data + description: Successful response + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: number + description: Generic Error + summary: Get conversations + tags: + - Security AI Assistant API + - Conversations API + /api/security_ai_assistant/current_user/conversations/{id}: + delete: + description: Delete an existing conversation using the conversation ID. + operationId: DeleteConversation + parameters: + - description: The conversation's `id` value. + in: path + name: id + required: true + schema: + $ref: '#/components/schemas/Security_AI_Assistant_API_NonEmptyString' + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_AI_Assistant_API_ConversationResponse + description: Indicates a successful call. + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: number + description: Generic Error + summary: Delete a conversation + tags: + - Security AI Assistant API + - Conversation API + get: + description: Get the details of an existing conversation using the conversation ID. + operationId: ReadConversation + parameters: + - description: The conversation's `id` value. + in: path + name: id + required: true + schema: + $ref: '#/components/schemas/Security_AI_Assistant_API_NonEmptyString' + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_AI_Assistant_API_ConversationResponse + description: Indicates a successful call. + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: number + description: Generic Error + summary: Get a conversation + tags: + - Security AI Assistant API + - Conversations API + put: + description: Update an existing conversation using the conversation ID. + operationId: UpdateConversation + parameters: + - description: The conversation's `id` value. + in: path + name: id + required: true + schema: + $ref: '#/components/schemas/Security_AI_Assistant_API_NonEmptyString' + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_AI_Assistant_API_ConversationUpdateProps + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_AI_Assistant_API_ConversationResponse + description: Indicates a successful call. + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: number + description: Generic Error + summary: Update a conversation + tags: + - Security AI Assistant API + - Conversation API + /api/security_ai_assistant/prompts/_bulk_action: + post: + description: >- + Apply a bulk action to multiple prompts. The bulk action is applied to + all prompts that match the filter or to the list of prompts by their + IDs. + operationId: PerformPromptsBulkAction + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + create: + items: + $ref: >- + #/components/schemas/Security_AI_Assistant_API_PromptCreateProps + type: array + delete: + type: object + properties: + ids: + description: Array of prompts IDs + items: + type: string + minItems: 1 + type: array + query: + description: Query to filter promps + type: string + update: + items: + $ref: >- + #/components/schemas/Security_AI_Assistant_API_PromptUpdateProps + type: array + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: >- + #/components/schemas/Security_AI_Assistant_API_PromptsBulkCrudActionResponse + description: Indicates a successful call. + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: number + description: Generic Error + summary: Apply a bulk action to prompts + tags: + - Security AI Assistant API + - Bulk API + /api/security_ai_assistant/prompts/_find: + get: + description: Get a list of all prompts. + operationId: FindPrompts + parameters: + - in: query + name: fields + required: false + schema: + items: + type: string + type: array + - description: Search query + in: query + name: filter + required: false + schema: + type: string + - description: Field to sort by + in: query + name: sort_field + required: false + schema: + $ref: >- + #/components/schemas/Security_AI_Assistant_API_FindPromptsSortField + - description: Sort order + in: query + name: sort_order + required: false + schema: + $ref: '#/components/schemas/Security_AI_Assistant_API_SortOrder' + - description: Page number + in: query + name: page + required: false + schema: + default: 1 + minimum: 1 + type: integer + - description: Prompts per page + in: query + name: per_page + required: false + schema: + default: 20 + minimum: 0 + type: integer + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + data: + items: + $ref: >- + #/components/schemas/Security_AI_Assistant_API_PromptResponse + type: array + page: + type: integer + perPage: + type: integer + total: + type: integer + required: + - page + - perPage + - total + - data + description: Successful response + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: number + description: Generic Error + summary: Get prompts + tags: + - Security AI Assistant API + - Prompts API + /api/status: + get: + operationId: '%2Fapi%2Fstatus#0' + parameters: + - description: The version of the API to use + in: header + name: elastic-api-version + schema: + default: '2023-10-31' + enum: + - '2023-10-31' + type: string + - description: Set to "true" to get the response in v7 format. + in: query + name: v7format + required: false + schema: + type: boolean + - description: Set to "true" to get the response in v8 format. + in: query + name: v8format + required: false + schema: + type: boolean + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + anyOf: + - $ref: '#/components/schemas/Kibana_HTTP_APIs_core_status_response' + - $ref: >- + #/components/schemas/Kibana_HTTP_APIs_core_status_redactedResponse + description: >- + Kibana's operational status. A minimal response is sent for + unauthorized users. + description: Overall status is OK and Kibana should be functioning normally. + '503': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + anyOf: + - $ref: '#/components/schemas/Kibana_HTTP_APIs_core_status_response' + - $ref: >- + #/components/schemas/Kibana_HTTP_APIs_core_status_redactedResponse + description: >- + Kibana's operational status. A minimal response is sent for + unauthorized users. + description: >- + Kibana or some of it's essential services are unavailable. Kibana + may be degraded or unavailable. + summary: Get Kibana's current status + tags: + - system + /api/timeline: + delete: + description: Delete one or more Timelines or Timeline templates. + operationId: DeleteTimelines + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + savedObjectIds: + items: + type: string + type: array + searchIds: + description: >- + Saved search ids that should be deleted alongside the + timelines + items: + type: string + type: array + required: + - savedObjectIds + description: The IDs of the Timelines or Timeline templates to delete. + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + data: + type: object + properties: + deleteTimeline: + type: boolean + required: + - deleteTimeline + required: + - data + description: Indicates the Timeline was successfully deleted. + summary: Delete Timelines or Timeline templates + tags: + - Security Solution Timeline API + - access:securitySolution + get: + description: Get the details of an existing saved Timeline or Timeline template. + operationId: GetTimeline + parameters: + - description: The ID of the template timeline to retrieve + in: query + name: template_timeline_id + schema: + type: string + - description: The ID of the Timeline to retrieve. + in: query + name: id + schema: + type: string + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + data: + type: object + properties: + getOneTimeline: + $ref: >- + #/components/schemas/Security_Solution_Timeline_API_TimelineResponse + nullable: true + required: + - getOneTimeline + required: + - data + description: Indicates that the (template) Timeline was found and returned. + summary: Get Timeline or Timeline template details + tags: + - Security Solution Timeline API + - access:securitySolution + patch: + description: >- + Update an existing Timeline. You can update the title, description, date + range, pinned events, pinned queries, and/or pinned saved queries of an + existing Timeline. + operationId: PatchTimeline + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + timeline: + $ref: >- + #/components/schemas/Security_Solution_Timeline_API_SavedTimeline + timelineId: + nullable: true + type: string + version: + nullable: true + type: string + required: + - timelineId + - version + - timeline + description: The Timeline updates, along with the Timeline ID and version. + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + data: + type: object + properties: + persistTimeline: + type: object + properties: + timeline: + $ref: >- + #/components/schemas/Security_Solution_Timeline_API_TimelineResponse + required: + - timeline + required: + - persistTimeline + required: + - data + description: >- + Indicates that the draft Timeline was successfully created. In the + event the user already has a draft Timeline, the existing draft + Timeline is cleared and returned. + '405': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + body: + type: string + statusCode: + type: number + description: >- + Indicates that the user does not have the required access to create + a draft Timeline. + summary: Update a Timeline + tags: + - Security Solution Timeline API + - access:securitySolution + post: + description: Create a new Timeline or Timeline template. + operationId: CreateTimelines + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + status: + $ref: >- + #/components/schemas/Security_Solution_Timeline_API_TimelineStatus + nullable: true + templateTimelineId: + nullable: true + type: string + templateTimelineVersion: + nullable: true + type: number + timeline: + $ref: >- + #/components/schemas/Security_Solution_Timeline_API_SavedTimeline + timelineId: + nullable: true + type: string + timelineType: + $ref: >- + #/components/schemas/Security_Solution_Timeline_API_TimelineType + nullable: true + version: + nullable: true + type: string + required: + - timeline + description: >- + The required Timeline fields used to create a new Timeline, along with + optional fields that will be created if not provided. + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + data: + type: object + properties: + persistTimeline: + type: object + properties: + timeline: + $ref: >- + #/components/schemas/Security_Solution_Timeline_API_TimelineResponse + required: + - persistTimeline + required: + - data + description: Indicates the Timeline was successfully created. + '405': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + body: + type: string + statusCode: + type: number + description: Indicates that there was an error in the Timeline creation. + summary: Create a Timeline or Timeline template + tags: + - Security Solution Timeline API + - access:securitySolution + /api/timeline/_draft: + get: + description: >- + Get the details of the draft Timeline or Timeline template for the + current user. If the user doesn't have a draft Timeline, an empty + Timeline is returned. + operationId: GetDraftTimelines + parameters: + - in: query + name: timelineType + required: true + schema: + $ref: '#/components/schemas/Security_Solution_Timeline_API_TimelineType' + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + data: + type: object + properties: + persistTimeline: + type: object + properties: + timeline: + $ref: >- + #/components/schemas/Security_Solution_Timeline_API_TimelineResponse + required: + - timeline + required: + - persistTimeline + required: + - data + description: Indicates that the draft Timeline was successfully retrieved. + '403': + content: + application:json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + message: + type: string + status_code: + type: number + description: >- + If a draft Timeline was not found and we attempted to create one, it + indicates that the user does not have the required permissions to + create a draft Timeline. + '409': + content: + application:json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + message: + type: string + status_code: + type: number + description: >- + This should never happen, but if a draft Timeline was not found and + we attempted to create one, it indicates that there is already a + draft Timeline with the given `timelineId`. + summary: Get draft Timeline or Timeline template details + tags: + - Security Solution Timeline API + - access:securitySolution + post: + description: > + Create a clean draft Timeline or Timeline template for the current user. + + > info + + > If the user already has a draft Timeline, the existing draft Timeline + is cleared and returned. + operationId: CleanDraftTimelines + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + timelineType: + $ref: >- + #/components/schemas/Security_Solution_Timeline_API_TimelineType + required: + - timelineType + description: >- + The type of Timeline to create. Valid values are `default` and + `template`. + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + data: + type: object + properties: + persistTimeline: + type: object + properties: + timeline: + $ref: >- + #/components/schemas/Security_Solution_Timeline_API_TimelineResponse + required: + - timeline + required: + - persistTimeline + required: + - data + description: >- + Indicates that the draft Timeline was successfully created. In the + event the user already has a draft Timeline, the existing draft + Timeline is cleared and returned. + '403': + content: + application:json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + message: + type: string + status_code: + type: number + description: >- + Indicates that the user does not have the required permissions to + create a draft Timeline. + '409': + content: + application:json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + message: + type: string + status_code: + type: number + description: >- + Indicates that there is already a draft Timeline with the given + `timelineId`. + summary: Create a clean draft Timeline or Timeline template + tags: + - Security Solution Timeline API + - access:securitySolution + /api/timeline/_export: + post: + description: Export Timelines as an NDJSON file. + operationId: ExportTimelines + parameters: + - description: The name of the file to export + in: query + name: file_name + required: true + schema: + type: string + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + ids: + items: + type: string + nullable: true + type: array + description: The IDs of the Timelines to export. + required: true + responses: + '200': + content: + application/ndjson; Elastic-Api-Version=2023-10-31: + schema: + description: NDJSON of the exported Timelines + type: string + description: Indicates the Timelines were successfully exported. + '400': + content: + application/ndjson; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + body: + type: string + statusCode: + type: number + description: Indicates that the export size limit was exceeded. + summary: Export Timelines + tags: + - Security Solution Timeline API + - access:securitySolution + /api/timeline/_favorite: + patch: + description: Favorite a Timeline or Timeline template for the current user. + operationId: PersistFavoriteRoute + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + templateTimelineId: + nullable: true + type: string + templateTimelineVersion: + nullable: true + type: number + timelineId: + nullable: true + type: string + timelineType: + $ref: >- + #/components/schemas/Security_Solution_Timeline_API_TimelineType + nullable: true + required: + - timelineId + - templateTimelineId + - templateTimelineVersion + - timelineType + description: The required fields used to favorite a (template) Timeline. + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + data: + type: object + properties: + persistFavorite: + $ref: >- + #/components/schemas/Security_Solution_Timeline_API_FavoriteTimelineResponse + required: + - persistFavorite + required: + - data + description: Indicates the favorite status was successfully updated. + '403': + content: + application:json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + body: + type: string + statusCode: + type: number + description: >- + Indicates the user does not have the required permissions to persist + the favorite status. + summary: Favorite a Timeline or Timeline template + tags: + - Security Solution Timeline API + - access:securitySolution + /api/timeline/_import: + post: + description: Import Timelines. + operationId: ImportTimelines + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + file: + allOf: + - $ref: >- + #/components/schemas/Security_Solution_Timeline_API_Readable + - type: object + properties: + hapi: + type: object + properties: + filename: + type: string + headers: + type: object + isImmutable: + enum: + - 'true' + - 'false' + type: string + required: + - filename + - headers + required: + - hapi + description: The Timelines to import as a readable stream. + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + data: + $ref: >- + #/components/schemas/Security_Solution_Timeline_API_ImportTimelineResult + required: + - data + description: Indicates the import of Timelines was successful. + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + body: + type: string + id: + type: string + statusCode: + type: number + description: >- + Indicates the import of Timelines was unsuccessful because of an + invalid file extension. + '404': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + id: + type: string + statusCode: + type: number + description: >- + Indicates that we were unable to locate the saved object client + necessary to handle the import. + '409': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + body: + type: string + id: + type: string + statusCode: + type: number + description: Indicates the import of Timelines was unsuccessful. + summary: Import Timelines + tags: + - Security Solution Timeline API + - access:securitySolution + /api/timeline/_prepackaged: + post: + description: Install or update prepackaged Timelines. + operationId: InstallPrepackedTimelines + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + prepackagedTimelines: + items: + $ref: >- + #/components/schemas/Security_Solution_Timeline_API_SavedTimeline + type: array + timelinesToInstall: + items: + $ref: >- + #/components/schemas/Security_Solution_Timeline_API_ImportTimelines + nullable: true + type: array + timelinesToUpdate: + items: + $ref: >- + #/components/schemas/Security_Solution_Timeline_API_ImportTimelines + nullable: true + type: array + required: + - timelinesToInstall + - timelinesToUpdate + - prepackagedTimelines + description: The Timelines to install or update. + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + data: + $ref: >- + #/components/schemas/Security_Solution_Timeline_API_ImportTimelineResult + required: + - data + description: Indicates the installation of prepackaged Timelines was successful. + '500': + content: + application:json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + body: + type: string + statusCode: + type: number + description: >- + Indicates the installation of prepackaged Timelines was + unsuccessful. + summary: Install prepackaged Timelines + tags: + - Security Solution Timeline API + - access:securitySolution + /api/timeline/resolve: + get: + operationId: ResolveTimeline + parameters: + - description: The ID of the template timeline to resolve + in: query + name: template_timeline_id + schema: + type: string + - description: The ID of the timeline to resolve + in: query + name: id + schema: + type: string + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + data: + type: object + properties: + getOneTimeline: + $ref: >- + #/components/schemas/Security_Solution_Timeline_API_TimelineResponse + nullable: true + required: + - getOneTimeline + required: + - data + description: The (template) Timeline has been found + '400': + description: The request is missing parameters + '404': + description: The (template) Timeline was not found + summary: Get an existing saved Timeline or Timeline template + tags: + - Security Solution Timeline API + - access:securitySolution + /api/timelines: + get: + description: Get a list of all saved Timelines or Timeline templates. + operationId: GetTimelines + parameters: + - description: >- + If true, only timelines that are marked as favorites by the user are + returned. + in: query + name: only_user_favorite + schema: + enum: + - 'true' + - 'false' + nullable: true + type: string + - in: query + name: timeline_type + schema: + $ref: '#/components/schemas/Security_Solution_Timeline_API_TimelineType' + nullable: true + - in: query + name: sort_field + schema: + $ref: >- + #/components/schemas/Security_Solution_Timeline_API_SortFieldTimeline + - in: query + name: sort_order + schema: + enum: + - asc + - desc + type: string + - in: query + name: page_size + schema: + nullable: true + type: string + - in: query + name: page_index + schema: + nullable: true + type: string + - in: query + name: search + schema: + nullable: true + type: string + - in: query + name: status + schema: + $ref: '#/components/schemas/Security_Solution_Timeline_API_TimelineStatus' + nullable: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + data: + type: object + properties: + customTemplateTimelineCount: + type: number + defaultTimelineCount: + type: number + elasticTemplateTimelineCount: + type: number + favoriteCount: + type: number + templateTimelineCount: + type: number + timelines: + items: + $ref: >- + #/components/schemas/Security_Solution_Timeline_API_TimelineResponse + type: array + totalCount: + type: number + required: + - timelines + - totalCount + - defaultTimelineCount + - templateTimelineCount + - favoriteCount + - elasticTemplateTimelineCount + - customTemplateTimelineCount + required: + - data + description: Indicates that the (template) Timelines were found and returned. + '400': + content: + application:json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + body: + type: string + statusCode: + type: number + description: Bad request. The user supplied invalid data. + summary: Get Timelines or Timeline templates + tags: + - Security Solution Timeline API + - access:securitySolution + /s/{spaceId}/api/observability/slos: + get: + description: > + You must have the `read` privileges for the **SLOs** feature in the + **Observability** section of the Kibana feature privileges. + operationId: findSlosOp + parameters: + - $ref: '#/components/parameters/SLOs_kbn_xsrf' + - $ref: '#/components/parameters/SLOs_space_id' + - description: A valid kql query to filter the SLO with + example: 'slo.name:latency* and slo.tags : "prod"' + in: query + name: kqlQuery + schema: + type: string + - description: The page to use for pagination, must be greater or equal than 1 + example: 1 + in: query + name: page + schema: + default: 1 + type: integer + - description: Number of SLOs returned by page + example: 25 + in: query + name: perPage + schema: + default: 25 + maximum: 5000 + type: integer + - description: Sort by field + example: status + in: query + name: sortBy + schema: + default: status + enum: + - sli_value + - status + - error_budget_consumed + - error_budget_remaining + type: string + - description: Sort order + example: asc + in: query + name: sortDirection + schema: + default: asc + enum: + - asc + - desc + type: string + - description: >- + Hide stale SLOs from the list as defined by stale SLO threshold in + SLO settings + in: query + name: hideStale + schema: + type: boolean + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/SLOs_find_slo_response' + description: Successful request + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/SLOs_400_response' + description: Bad request + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/SLOs_401_response' + description: Unauthorized response + '403': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/SLOs_403_response' + description: Unauthorized response + '404': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/SLOs_404_response' + description: Not found response + summary: Get a paginated list of SLOs + tags: + - slo + post: + description: > + You must have `all` privileges for the **SLOs** feature in the + **Observability** section of the Kibana feature privileges. + operationId: createSloOp + parameters: + - $ref: '#/components/parameters/SLOs_kbn_xsrf' + - $ref: '#/components/parameters/SLOs_space_id' + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/SLOs_create_slo_request' + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/SLOs_create_slo_response' + description: Successful request + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/SLOs_400_response' + description: Bad request + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/SLOs_401_response' + description: Unauthorized response + '403': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/SLOs_403_response' + description: Unauthorized response + '409': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/SLOs_409_response' + description: Conflict - The SLO id already exists + summary: Create an SLO + tags: + - slo + /s/{spaceId}/api/observability/slos/_delete_instances: + post: + description: > + The deletion occurs for the specified list of `sloId` and `instanceId`. + You must have `all` privileges for the **SLOs** feature in the + **Observability** section of the Kibana feature privileges. + operationId: deleteSloInstancesOp + parameters: + - $ref: '#/components/parameters/SLOs_kbn_xsrf' + - $ref: '#/components/parameters/SLOs_space_id' + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/SLOs_delete_slo_instances_request' + required: true + responses: + '204': + description: Successful request + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/SLOs_400_response' + description: Bad request + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/SLOs_401_response' + description: Unauthorized response + '403': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/SLOs_403_response' + description: Unauthorized response + summary: Batch delete rollup and summary data + tags: + - slo + /s/{spaceId}/api/observability/slos/{sloId}: + delete: + description: > + You must have the `write` privileges for the **SLOs** feature in the + **Observability** section of the Kibana feature privileges. + operationId: deleteSloOp + parameters: + - $ref: '#/components/parameters/SLOs_kbn_xsrf' + - $ref: '#/components/parameters/SLOs_space_id' + - $ref: '#/components/parameters/SLOs_slo_id' + responses: + '204': + description: Successful request + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/SLOs_400_response' + description: Bad request + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/SLOs_401_response' + description: Unauthorized response + '403': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/SLOs_403_response' + description: Unauthorized response + '404': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/SLOs_404_response' + description: Not found response + summary: Delete an SLO + tags: + - slo + get: + description: > + You must have the `read` privileges for the **SLOs** feature in the + **Observability** section of the Kibana feature privileges. + operationId: getSloOp + parameters: + - $ref: '#/components/parameters/SLOs_kbn_xsrf' + - $ref: '#/components/parameters/SLOs_space_id' + - $ref: '#/components/parameters/SLOs_slo_id' + - description: the specific instanceId used by the summary calculation + example: host-abcde + in: query + name: instanceId + schema: + type: string + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/SLOs_slo_with_summary_response' + description: Successful request + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/SLOs_400_response' + description: Bad request + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/SLOs_401_response' + description: Unauthorized response + '403': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/SLOs_403_response' + description: Unauthorized response + '404': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/SLOs_404_response' + description: Not found response + summary: Get an SLO + tags: + - slo + put: + description: > + You must have the `write` privileges for the **SLOs** feature in the + **Observability** section of the Kibana feature privileges. + operationId: updateSloOp + parameters: + - $ref: '#/components/parameters/SLOs_kbn_xsrf' + - $ref: '#/components/parameters/SLOs_space_id' + - $ref: '#/components/parameters/SLOs_slo_id' + requestBody: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/SLOs_update_slo_request' + required: true + responses: + '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/SLOs_slo_definition_response' + description: Successful request + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/SLOs_400_response' + description: Bad request + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/SLOs_401_response' + description: Unauthorized response + '403': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/SLOs_403_response' + description: Unauthorized response + '404': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/SLOs_404_response' + description: Not found response + summary: Update an SLO + tags: + - slo + /s/{spaceId}/api/observability/slos/{sloId}/_reset: + post: + description: > + You must have the `write` privileges for the **SLOs** feature in the + **Observability** section of the Kibana feature privileges. + operationId: resetSloOp + parameters: + - $ref: '#/components/parameters/SLOs_kbn_xsrf' + - $ref: '#/components/parameters/SLOs_space_id' + - $ref: '#/components/parameters/SLOs_slo_id' + responses: + '204': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/SLOs_slo_definition_response' + description: Successful request + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/SLOs_400_response' + description: Bad request + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/SLOs_401_response' + description: Unauthorized response + '403': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/SLOs_403_response' + description: Unauthorized response + '404': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/SLOs_404_response' + description: Not found response + summary: Reset an SLO + tags: + - slo + /s/{spaceId}/api/observability/slos/{sloId}/disable: + post: + description: > + You must have the `write` privileges for the **SLOs** feature in the + **Observability** section of the Kibana feature privileges. + operationId: disableSloOp + parameters: + - $ref: '#/components/parameters/SLOs_kbn_xsrf' + - $ref: '#/components/parameters/SLOs_space_id' + - $ref: '#/components/parameters/SLOs_slo_id' + responses: + '200': + description: Successful request + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/SLOs_400_response' + description: Bad request + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/SLOs_401_response' + description: Unauthorized response + '403': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/SLOs_403_response' + description: Unauthorized response + '404': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/SLOs_404_response' + description: Not found response + summary: Disable an SLO + tags: + - slo + /s/{spaceId}/api/observability/slos/{sloId}/enable: + post: + description: > + You must have the `write` privileges for the **SLOs** feature in the + **Observability** section of the Kibana feature privileges. + operationId: enableSloOp + parameters: + - $ref: '#/components/parameters/SLOs_kbn_xsrf' + - $ref: '#/components/parameters/SLOs_space_id' + - $ref: '#/components/parameters/SLOs_slo_id' + responses: + '204': + description: Successful request + '400': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/SLOs_400_response' + description: Bad request + '401': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/SLOs_401_response' + description: Unauthorized response + '403': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/SLOs_403_response' + description: Unauthorized response + '404': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + $ref: '#/components/schemas/SLOs_404_response' + description: Not found response + summary: Enable an SLO + tags: + - slo +components: + examples: + Alerting_get_health_response: + summary: Retrieve information about the health of the alerting framework. + value: + alerting_framework_health: + decryption_health: + status: ok + timestamp: '2023-01-13T01:28:00.280Z' + execution_health: + status: ok + timestamp: '2023-01-13T01:28:00.280Z' + read_health: + status: ok + timestamp: '2023-01-13T01:28:00.280Z' + has_permanent_encryption_key: true + is_sufficiently_secure: true + Alerting_get_rule_types_response: + summary: Retrieve rule types associated with Kibana machine learning features + value: + - action_groups: + - id: anomaly_score_match + name: Anomaly score matched the condition + - id: recovered + name: Recovered + action_variables: + context: + - description: The bucket timestamp of the anomaly + name: timestamp + - description: The bucket time of the anomaly in ISO8601 format + name: timestampIso8601 + - description: List of job IDs that triggered the alert + name: jobIds + - description: Alert info message + name: message + - description: Indicate if top hits contain interim results + name: isInterim + - description: Anomaly score at the time of the notification action + name: score + - description: Top records + name: topRecords + - description: Top influencers + name: topInfluencers + - description: URL to open in the Anomaly Explorer + name: anomalyExplorerUrl + useWithTripleBracesInTemplates: true + params: [] + state: [] + alerts: + context: ml.anomaly-detection + mappings: + fieldMap: + kibana.alert.anomaly_score: + array: false + type: double + required: false + kibana.alert.anomaly_timestamp: + array: false + type: date + required: false + kibana.alert.is_interim: + array: false + type: boolean + required: false + kibana.alert.job_id: + array: false + type: keyword + required: true + kibana.alert.top_influencers: + array: true + dynamic: false + type: object + properties: + influencer_field_name: + type: keyword + influencer_field_value: + type: keyword + influencer_score: + type: double + initial_influencer_score: + type: double + is_interim: + type: boolean + job_id: + type: keyword + timestamp: + type: date + required: false + kibana.alert.top_records: + array: true + dynamic: false + type: object + properties: + actual: + type: double + by_field_name: + type: keyword + by_field_value: + type: keyword + detector_index: + type: integer + field_name: + type: keyword + function: + type: keyword + initial_record_score: + type: double + is_interim: + type: boolean + job_id: + type: keyword + over_field_name: + type: keyword + over_field_value: + type: keyword + partition_field_name: + type: keyword + partition_field_value: + type: keyword + record_score: + type: double + timestamp: + type: date + typical: + type: double + required: false + shouldWrite: true + authorized_consumers: + alerts: + all: true + read: true + apm: + all: true + read: true + discover: + all: true + read: true + infrastructure: + all: true + read: true + logs: + all: true + read: true + ml: + all: true + read: true + monitoring: + all: true + read: true + siem: + all: true + read: true + slo: + all: true + read: true + stackAlerts: + all: true + read: true + uptime: + all: true + read: true + category: management + default_action_group_id: anomaly_score_match + does_set_recovery_context: true + enabled_in_license: true + has_alerts_mappings: true + has_fields_for_a_a_d: false + id: xpack.ml.anomaly_detection_alert + is_exportable: true + minimum_license_required: platinum + name: Anomaly detection alert + producer: ml + recovery_action_group: + id: recovered + name: Recovered + rule_task_timeout: 5m + - action_groups: + - id: anomaly_detection_realtime_issue + name: Issue detected + - id: recovered + name: Recovered + action_variables: + context: + - description: Results of the rule execution + name: results + - description: Alert info message + name: message + params: [] + state: [] + authorized_consumers: + alerts: + all: true + read: true + apm: + all: true + read: true + discover: + all: true + read: true + infrastructure: + all: true + read: true + logs: + all: true + read: true + ml: + all: true + read: true + monitoring: + all: true + read: true + siem: + all: true + read: true + slo: + all: true + read: true + stackAlerts: + all: true + read: true + uptime: + all: true + read: true + category: management + default_action_group_id: anomaly_detection_realtime_issue + does_set_recovery_context: true + enabled_in_license: true + has_alerts_mappings: false + has_fields_for_a_a_d: false + id: xpack.ml.anomaly_detection_jobs_health + is_exportable: true + minimum_license_required: platinum + name: Anomaly detection jobs health + producer: ml + recovery_action_group: + id: recovered + name: Recovered + rule_task_timeout: 5m + Cases_add_comment_request: + summary: Adds a comment to a case. + value: + comment: A new comment. + owner: cases + type: user + Cases_add_comment_response: + summary: >- + The add comment to case API returns a JSON object that contains details + about the case and its comments. + value: + assignees: [] + category: null + closed_at: null + closed_by: null + comments: + - comment: A new comment. + created_at: '2022-10-02T00:49:47.716Z' + created_by: + email: null + full_name: null + username: elastic + id: 8af6ac20-74f6-11ea-b83a-553aecdb28b6 + owner: cases + type: user + version: WzIwNDMxLDFd + connector: + fields: null + id: none + name: none + type: .none + created_at: '2022-03-24T00:37:03.906Z' + created_by: + email: null + full_name: null + profile_uid: u_mGBROF_q5bmFCATbLXAcCwKa0k8JvONAwSruelyKA5E_0 + username: elastic + customFields: + - key: d312efda-ec2b-42ec-9e2c-84981795c581 + type: text + value: Field value + - key: fcc6840d-eb14-42df-8aaf-232201a705ec + type: toggle + value: true + description: A case description. + duration: null + external_service: null + id: 293f1bc0-74f6-11ea-b83a-553aecdb28b6 + owner: cases + settings: + syncAlerts: false + severity: low + status: open + tags: + - tag 1 + title: Case title 1 + totalAlerts: 0 + totalComment: 1 + updated_at: '2022-06-03T00:49:47.716Z' + updated_by: + email: null + full_name: null + profile_uid: u_mGBROF_q5bmFCATbLXAcCwKa0k8JvONAwSruelyKA5E_0 + username: elastic + version: WzIzMzgsMV0= + Cases_create_case_request: + summary: Create a security case that uses a Jira connector. + value: + connector: + fields: + issueType: '10006' + parent: null + priority: High + id: 131d4448-abe0-4789-939d-8ef60680b498 + name: My connector + type: .jira + customFields: + - key: d312efda-ec2b-42ec-9e2c-84981795c581 + type: text + value: My field value + description: A case description. + owner: cases + settings: + syncAlerts: true + tags: + - tag-1 + title: Case title 1 + Cases_create_case_response: + summary: >- + The create case API returns a JSON object that contains details about + the case. + value: + assignees: [] + closed_at: null + closed_by: null + comments: [] + connector: + fields: + issueType: '10006' + parent: null + priority: High + id: 131d4448-abe0-4789-939d-8ef60680b498 + name: My connector + type: .jira + created_at: '2022-10-13T15:33:50.604Z' + created_by: + email: null + full_name: null + profile_uid: u_mGBROF_q5bmFCATbLXAcCwKa0k8JvONAwSruelyKA5E_0 + username: elastic + customFields: + - key: d312efda-ec2b-42ec-9e2c-84981795c581 + type: text + value: My field value + - key: fcc6840d-eb14-42df-8aaf-232201a705ec + type: toggle + value: null + description: A case description. + duration: null + external_service: null + id: 66b9aa00-94fa-11ea-9f74-e7e108796192 + owner: cases + settings: + syncAlerts: true + severity: low + status: open + tags: + - tag 1 + title: Case title 1 + totalAlerts: 0 + totalComment: 0 + updated_at: null + updated_by: null + version: WzUzMiwxXQ== + Cases_find_case_activity_response: + summary: Retrieves all activity for a case + value: + page: 1 + perPage: 20 + total: 3 + userActions: + - action: create + comment_id: null + created_at: '2023-10-20T01:17:22.150Z' + created_by: + email: null + full_name: null + profile_uid: u_mGBROF_q5bmFCATbLXAcCwKa0k8JvONAwSruelyKA5E_0 + username: elastic + id: b4cd0770-07c9-11ed-a5fd-47154cb8767e + owner: cases + payload: + assignees: [] + category: null + connector: + fields: null + id: none + name: none + type: .none + customFields: + - key: d312efda-ec2b-42ec-9e2c-84981795c581 + type: text + value: My field value + - key: fcc6840d-eb14-42df-8aaf-232201a705ec + type: toggle + value: null + description: A case description. + owner: cases + settings: + syncAlerts: false + severity: low + status: open + tags: + - tag 1 + title: Case title 1 + type: create_case + version: WzM1ODg4LDFd + - action: create + comment_id: 578608d0-03b1-11ed-920c-974bfa104448 + created_at: '2023-10-14T20:12:53.354Z' + created_by: + email: null + full_name: null + profile_uid: u_mGBROF_q5bmFCATbLXAcCwKa0k8JvONAwSruelyKA5E_0 + username: elastic + id: 57af14a0-03b1-11ed-920c-974bfa104448 + owner: cases + payload: + comment: A new comment + owner: cases + type: user + type: comment + version: WzM1ODg4LDFa + - action: add + comment_id: null + created_at: '2023-10-20T01:10:28.238Z' + created_by: + email: null + full_name: null + profile_uid: u_mGBROF_q5bmFCATbLXAcCwKa0k8JvONAwSruelyKA5E_0 + username: elastic + id: 573c6980-6123-11ed-aa41-81a0a61fe447 + owner: cases + payload: + assignees: + uid: u_mGBROF_q5bmFCATbLXAcCwKa0k8JvONAwSruelyKA5E_0 + type: assignees + version: WzM1ODg4LDFb + Cases_find_case_response: + summary: >- + Retrieve the first five cases with the `tag-1` tag, in ascending order + by last update time. + value: + cases: + - assignees: [] + category: null + closed_at: null + closed_by: null + comments: [] + connector: + fields: null + id: none + name: none + type: .none + created_at: '2023-10-12T00:16:36.371Z' + created_by: + email: null + full_name: null + profile_uid: u_mGBROF_q5bmFCATbLXAcCwKa0k8JvONAwSruelyKA5E_0 + username: elastic + customFields: + - key: d312efda-ec2b-42ec-9e2c-84981795c581 + type: text + value: My field value + - key: fcc6840d-eb14-42df-8aaf-232201a705ec + type: toggle + value: null + description: Case description + duration: null + external_service: null + id: abed3a70-71bd-11ea-a0b2-c51ea50a58e2 + owner: cases + settings: + syncAlerts: true + severity: low + status: open + tags: + - tag-1 + title: Case title + totalAlerts: 0 + totalComment: 1 + updated_at: '2023-10-12T00:27:58.162Z' + updated_by: + email: null + full_name: null + profile_uid: u_mGBROF_q5bmFCATbLXAcCwKa0k8JvONAwSruelyKA5E_0 + username: elastic + version: WzExMCwxXQ== + count_closed_cases: 0 + count_in_progress_cases: 0 + count_open_cases: 1 + page: 1 + per_page: 5 + total: 1 + Cases_find_connector_response: + summary: Retrieve information about the connectors and their settings. + value: + - actionTypeId: .jira + config: + apiUrl: https://elastic.atlassian.net/ + projectKey: ES + id: 61787f53-4eee-4741-8df6-8fe84fa616f7 + isDeprecated: false + isMissingSecrets: false + isPreconfigured: false + name: my-Jira + referencedByCount: 0 + Cases_get_case_alerts_response: + summary: Retrieves all alerts attached to a case + value: + - attached_at: '2022-07-25T20:09:40.963Z' + id: f6a7d0c3-d52d-432c-b2e6-447cd7fce04d + index: .alerts-observability.logs.alerts-default + Cases_get_case_configuration_response: + summary: Get the case configuration. + value: + - closure_type: close-by-user + connector: + fields: null + id: none + name: none + type: .none + created_at: '2024-07-01T17:07:17.767Z' + created_by: + email: null + full_name: null + username: elastic + customFields: + - defaultValue: Custom text field value. + key: d312efda-ec2b-42ec-9e2c-84981795c581 + label: my-text-field + type: text + required: false + error: null + id: 856ee650-6c82-11ee-a20a-6164169afa58 + mappings: [] + owner: cases + templates: + - caseFields: + assignees: + - uid: u_mGBROF_q5bmFCATbLXAcCwKa0k8JvONAwSruelyKA5E_0 + category: Default-category + connector: + fields: null + id: none + name: none + type: .none + customFields: + - key: d312efda-ec2b-42ec-9e2c-84981795c581 + type: text + value: Default text field value. + description: A default description for cases. + settings: + syncAlerts: false + tags: + - Default case tag + title: Default case title + description: A description of the template. + key: 505932fe-ee3a-4960-a661-c781b5acdb05 + name: template-1 + tags: + - Template tag 1 + updated_at: null + updated_by: null + version: WzEyLDNd + Cases_get_case_observability_response: + summary: >- + Retrieves information about an Observability case including its alerts + and comments. + value: + assignees: + - uid: u_0wpfV1MqYDaXzLtRVY-gLMrddKDEmfz51Fszhj7hWC8_0 + category: null + closed_at: null + closed_by: null + comments: + - alertId: + - a6e12ac4-7bce-457b-84f6-d7ce8deb8446 + created_at: '2023-11-06T19:29:38.424Z' + created_by: + email: null + full_name: null + profile_uid: u_mGBROF_q5bmFCATbLXAcCwKa0k8JvONAwSruelyKA5E_0 + username: elastic + id: 59d438d0-79a9-4864-8d4b-e63adacebf6e + index: + - .internal.alerts-observability.logs.alerts-default-000001 + owner: observability + pushed_at: null + pushed_by: null + rule: + id: 03e4eb87-62ca-4e5d-9570-3d7625e9669d + name: Observability rule + type: alert + updated_at: null + updated_by: null + version: WzY3LDJd + - comment: The first comment. + created_at: '2023-11-06T19:29:57.812Z' + created_by: + email: null + full_name: null + profile_uid: u_mGBROF_q5bmFCATbLXAcCwKa0k8JvONAwSruelyKA5E_0 + username: elastic + id: d99342d3-3aa3-4b80-90ec-a702607604f5 + owner: observability + pushed_at: null + pushed_by: null + type: user + updated_at: null + updated_by: null + version: WzcyLDJd + connector: + fields: null + id: none + name: none + type: .none + created_at: '2023-11-06T19:29:04.086Z' + created_by: + email: null + full_name: null + username: elastic + customFields: [] + description: An Observability case description. + duration: null + external_service: null + id: c3ff7550-def1-4e90-b6bc-c9969a4a09b1 + owner: observability + settings: + syncAlerts: false + severity: low + status: in-progress + tags: + - observability + - tag 1 + title: Observability case title 1 + totalAlerts: 1 + totalComment: 1 + updated_at: '2023-11-06T19:47:55.662Z' + updated_by: + email: null + full_name: null + profile_uid: u_mGBROF_q5bmFCATbLXAcCwKa0k8JvONAwSruelyKA5E_0 + username: elastic + version: WzI0NywyXQ== + Cases_get_case_response: + summary: Retrieves information about a case including its comments. + value: + assignees: + - uid: u_mGBROF_q5bmFCATbLXAcCwKa0k8JvONAwSruelyKA5E_0 + category: null + closed_at: null + closed_by: null + comments: + - comment: A new comment + created_at: '2023-10-13T15:40:32.335Z' + created_by: + email: null + full_name: null + profile_uid: u_mGBROF_q5bmFCATbLXAcCwKa0k8JvONAwSruelyKA5E_0 + username: elastic + id: 2134c1d0-02c2-11ed-85f2-4f7c222ca2fa + owner: cases + pushed_at: null + pushed_by: null + type: user + updated_at: null + updated_by: null + version: WzM3LDFd + connector: + fields: null + id: none + name: none + type: .none + created_at: '2023-10-13T15:33:50.604Z' + created_by: + email: null + full_name: null + profile_uid: u_mGBROF_q5bmFCATbLXAcCwKa0k8JvONAwSruelyKA5E_0 + username: elastic + customFields: + - key: d312efda-ec2b-42ec-9e2c-84981795c581 + type: text + value: My field value + - key: fcc6840d-eb14-42df-8aaf-232201a705ec + type: toggle + value: null + description: A case description + duration: null + external_service: null + id: 31cdada0-02c1-11ed-85f2-4f7c222ca2fa + owner: cases + settings: + syncAlerts: true + severity: low + status: open + tags: + - tag 1 + title: Case title 1 + totalAlerts: 0 + totalComment: 1 + updated_at: '2023-10-13T15:40:32.335Z' + updated_by: + email: null + full_name: null + profile_uid: u_mGBROF_q5bmFCATbLXAcCwKa0k8JvONAwSruelyKA5E_0 + username: elastic + version: WzM2LDFd + Cases_get_comment_response: + summary: A single user comment retrieved from a case + value: + comment: A new comment + created_at: '2023-10-07T19:32:13.104Z' + created_by: + email: null + full_name: null + profile_uid: u_mGBROF_q5bmFCATbLXAcCwKa0k8JvONAwSruelyKA5E_0 + username: elastic + id: 8048b460-fe2b-11ec-b15d-779a7c8bbcc3 + owner: cases + pushed_at: null + pushed_by: null + type: user + updated_at: null + updated_by: null + version: WzIzLDFd + Cases_get_reporters_response: + summary: A list of two users that opened cases + value: + - email: null + full_name: null + profile_uid: u_mGBROF_q5bmFCATbLXAcCwKa0k8JvONAwSruelyKA5E_0 + username: elastic + - email: jdoe@example.com + full_name: Jane Doe + profile_uid: u_0wpfV1MqYDaXzLtRVY-gLMrddKDEmfz51Fszhj7hWC8_0 + username: jdoe + Cases_get_tags_response: + summary: A list of tags that are used in cases + value: + - observability + - security + - tag 1 + - tag 2 + Cases_push_case_response: + summary: >- + The push case API returns a JSON object with details about the case and + the external service. + value: + closed_at: null + closed_by: null + comments: [] + connector: + fields: + issueType: '10006' + parent: null + priority: Low + id: 09f8c0b0-0eda-11ed-bd18-65557fe66949 + name: My connector + type: .jira + created_at: '2022-07-29T00:59:39.444Z' + created_by: + email: null + full_name: null + username: elastic + description: A case description. + duration: null + external_service: + connector_id: 09f8c0b0-0eda-11ed-bd18-65557fe66949 + connector_name: My connector + external_id: '71926' + external_title: ES-554 + external_url: https://cases.jira.com + pushed_at: '2022-07-29T01:20:58.436Z' + pushed_by: + email: null + full_name: null + username: elastic + id: b917f300-0ed9-11ed-bd18-65557fe66949 + owner: cases + settings: + syncAlerts: true + severity: low + status: open + tags: + - tag 1 + title: Case title 1 + totalAlerts: 0 + totalComment: 0 + updated_at: '2022-07-29T01:20:58.436Z' + updated_by: + email: null + full_name: null + username: elastic + version: WzE3NjgsM10= + Cases_set_case_configuration_request: + summary: >- + Set the closure type, custom fields, and default connector for Stack + Management cases. + value: + closure_type: close-by-user + connector: + fields: null + id: 5e656730-e1ca-11ec-be9b-9b1838238ee6 + name: my-jira-connector + type: .jira + customFields: + - defaultValue: My custom field default value. + key: d312efda-ec2b-42ec-9e2c-84981795c581 + label: my-text-field + type: text + required: false + owner: cases + templates: + - caseFields: + assignees: + - uid: u_mGBROF_q5bmFCATbLXAcCwKa0k8JvONAwSruelyKA5E_0 + category: Default-category + customFields: + - key: d312efda-ec2b-42ec-9e2c-84981795c581 + type: text + value: A text field value for the template. + description: A default description for cases. + tags: + - Default case tag + title: Default case title + description: A description of the template. + key: 505932fe-ee3a-4960-a661-c781b5acdb05 + name: template-1 + tags: + - Template tag 1 + Cases_set_case_configuration_response: + summary: This is an example response for case settings. + value: + closure_type: close-by-user + connector: + fields: null + id: 5e656730-e1ca-11ec-be9b-9b1838238ee6 + name: my-jira-connector + type: .jira + created_at: '2024-07-01T17:07:17.767Z' + created_by: + email: null, + full_name: null + profile_uid: u_mGBROF_q5bmFCATbLXAcCwKa0k8JvONAwSruelyKA5E_0 + username: elastic + customFields: + - defaultValue: My custom field default value. + key: d312efda-ec2b-42ec-9e2c-84981795c581 + label: my-text-field + type: text + required: false + error: null + id: 4a97a440-e1cd-11ec-be9b-9b1838238ee6 + mappings: + - action_type: overwrite + source: title + target: summary + - action_type: overwrite + source: description + target: description + - action_type: append + source: comments + target: comments + - action_type: overwrite + source: tags + target: labels + owner: cases + templates: + - caseFields: + assignees: + - uid: u_mGBROF_q5bmFCATbLXAcCwKa0k8JvONAwSruelyKA5E_0 + category: Default-category + customFields: + - key: d312efda-ec2b-42ec-9e2c-84981795c581 + type: text + value: A text field value for the template. + description: A default description for cases. + tags: + - Default case tag + title: Default case title + description: A description of the template. + key: 505932fe-ee3a-4960-a661-c781b5acdb05 + name: template-1 + tags: + - Template tag 1 + updated_at: null + updated_by: null + version: WzIwNzMsMV0= + Cases_update_case_configuration_request: + summary: Update the case settings. + value: + closure_type: close-by-user + connector: + fields: null + id: 5e656730-e1ca-11ec-be9b-9b1838238ee6 + name: my-jira-connector + type: .jira + customFields: + - defaultValue: A new default value. + key: d312efda-ec2b-42ec-9e2c-84981795c581 + label: my-text-field + type: text + required: true + - key: fcc6840d-eb14-42df-8aaf-232201a705ec + label: my-toggle + type: toggle + required: false + version: WzExOSw0XQ== + Cases_update_case_configuration_response: + summary: This is an example response when the case configuration was updated. + value: + closure_type: close-by-user + connector: + fields: null + id: 5e656730-e1ca-11ec-be9b-9b1838238ee6 + name: my-jira-connector + type: .jira + created_at: '2024-07-01T17:07:17.767Z' + created_by: + email: null + full_name: null + profile_uid: u_mGBROF_q5bmFCATbLXAcCwKa0k8JvONAwSruelyKA5E_0 + username: elastic + customFields: + - defaultValue: A new default value. + key: d312efda-ec2b-42ec-9e2c-84981795c581 + label: my-text-field + type: text + required: true + - key: fcc6840d-eb14-42df-8aaf-232201a705ec + label: my-toggle + type: toggle + required: false + error: null + id: 4a97a440-e1cd-11ec-be9b-9b1838238ee6 + mappings: + - action_type: overwrite + source: title + target: summary + - action_type: overwrite + source: description + target: description + - action_type: overwrite + source: tags + target: labels + - action_type: append + source: comments + target: comments + owner: cases + templates: [] + updated_at: '2024-07-19T00:52:42.401Z' + updated_by: + email: null + full_name: null + profile_uid: u_mGBROF_q5bmFCATbLXAcCwKa0k8JvONAwSruelyKA5E_0 + username: elastic + version: WzI2LDNd + Cases_update_case_request: + summary: Update the case description, tags, and connector. + value: + cases: + - connector: + fields: + issueType: '10006' + parent: null + priority: null + id: 131d4448-abe0-4789-939d-8ef60680b498 + name: My connector + type: .jira + customFields: + - key: fcc6840d-eb14-42df-8aaf-232201a705ec + type: toggle + value: false + - key: d312efda-ec2b-42ec-9e2c-84981795c581 + type: text + value: My new field value + description: A case description. + id: a18b38a0-71b0-11ea-a0b2-c51ea50a58e2 + settings: + syncAlerts: true + tags: + - tag-1 + version: WzIzLDFd + Cases_update_case_response: + summary: >- + This is an example response when the case description, tags, and + connector were updated. + value: + - assignees: [] + category: null + closed_at: null + closed_by: null + comments: [] + connector: + fields: + issueType: '10006' + parent: null + priority: null + id: 131d4448-abe0-4789-939d-8ef60680b498 + name: My connector + type: .jira + created_at: '2023-10-13T09:16:17.416Z' + created_by: + email: null + full_name: null + profile_uid: u_mGBROF_q5bmFCATbLXAcCwKa0k8JvONAwSruelyKA5E_0 + username: elastic + customFields: + - key: d312efda-ec2b-42ec-9e2c-84981795c581 + type: text + value: My new field value + - key: fcc6840d-eb14-42df-8aaf-232201a705ec + type: toggle + value: false + description: A case description. + duration: null + external_service: + connector_id: 05da469f-1fde-4058-99a3-91e4807e2de8 + connector_name: Jira + external_id: '10003' + external_title: IS-4 + external_url: https://hms.atlassian.net/browse/IS-4 + pushed_at: '2023-10-13T09:20:40.672Z' + pushed_by: + email: null + full_name: null + username: elastic + id: 66b9aa00-94fa-11ea-9f74-e7e108796192 + owner: cases + settings: + syncAlerts: true + severity: low + status: open + tags: + - tag-1 + title: Case title 1 + totalAlerts: 0 + totalComment: 0 + updated_at: '2023-10-13T09:48:33.043Z' + updated_by: + email: null + full_name: null + profile_uid: u_mGBROF_q5bmFCATbLXAcCwKa0k8JvONAwSruelyKA5E_0 + username: elastic + version: WzU0OCwxXQ== + Cases_update_comment_request: + summary: Updates a comment of a case. + value: + comment: An updated comment. + id: 8af6ac20-74f6-11ea-b83a-553aecdb28b6 + owner: cases + type: user + version: Wzk1LDFd + Cases_update_comment_response: + summary: >- + The add comment to case API returns a JSON object that contains details + about the case and its comments. + value: + assignees: [] + category: null + closed_at: null + closed_by: null + comments: + - comment: An updated comment. + created_at: '2023-10-24T00:37:10.832Z' + created_by: + email: null + full_name: null + profile_uid: u_mGBROF_q5bmFCATbLXAcCwKa0k8JvONAwSruelyKA5E_0 + username: elastic + id: 8af6ac20-74f6-11ea-b83a-553aecdb28b6 + owner: cases + pushed_at: null + pushed_by: null + type: user + updated_at: '2023-10-24T01:27:06.210Z' + updated_by: + email: null + full_name: null + profile_uid: u_mGBROF_q5bmFCATbLXAcCwKa0k8JvONAwSruelyKA5E_0 + username: elastic + version: WzIwNjM3LDFd + connector: + fields: null + id: none + name: none + type: .none + created_at: '2023-10-24T00:37:03.906Z' + created_by: + email: null + full_name: null + profile_uid: u_mGBROF_q5bmFCATbLXAcCwKa0k8JvONAwSruelyKA5E_0 + username: elastic + customFields: + - key: d312efda-ec2b-42ec-9e2c-84981795c581 + type: text + value: My new field value + - key: fcc6840d-eb14-42df-8aaf-232201a705ec + type: toggle + value: false + description: A case description. + duration: null + external_service: null + id: 293f1bc0-74f6-11ea-b83a-553aecdb28b6 + owner: cases + settings: + syncAlerts: false + severity: low + status: open + tags: + - tag 1 + title: Case title 1 + totalAlerts: 0 + totalComment: 1 + updated_at: '2023-10-24T01:27:06.210Z' + updated_by: + email: null + full_name: null + profile_uid: u_mGBROF_q5bmFCATbLXAcCwKa0k8JvONAwSruelyKA5E_0 + username: elastic + version: WzIwNjM2LDFd + Data_views_create_data_view_request: + summary: Create a data view with runtime fields. + value: + data_view: + name: My Logstash data view + runtimeFieldMap: + runtime_shape_name: + script: + source: emit(doc['shape_name'].value) + type: keyword + title: logstash-* + Data_views_create_runtime_field_request: + summary: Create a runtime field. + value: + name: runtimeFoo + runtimeField: + script: + source: emit(doc["foo"].value) + type: long + Data_views_get_data_view_response: + summary: >- + The get data view API returns a JSON object that contains information + about the data view. + value: + data_view: + allowNoIndex: false + fieldAttrs: + products.manufacturer: + count: 1 + products.price: + count: 1 + products.product_name: + count: 1 + total_quantity: + count: 1 + fieldFormats: + products.base_price: + id: number + params: + pattern: $0,0.00 + products.base_unit_price: + id: number + params: + pattern: $0,0.00 + products.min_price: + id: number + params: + pattern: $0,0.00 + products.price: + id: number + params: + pattern: $0,0.00 + products.taxful_price: + id: number + params: + pattern: $0,0.00 + products.taxless_price: + id: number + params: + pattern: $0,0.00 + taxful_total_price: + id: number + params: + pattern: $0,0.[00] + taxless_total_price: + id: number + params: + pattern: $0,0.00 + fields: + _id: + aggregatable: false + count: 0 + esTypes: + - _id + format: + id: string + isMapped: true + name: _id + readFromDocValues: false + scripted: false + searchable: true + shortDotsEnable: false + type: string + _index: + aggregatable: true + count: 0 + esTypes: + - _index + format: + id: string + isMapped: true + name: _index + readFromDocValues: false + scripted: false + searchable: true + shortDotsEnable: false + type: string + _score: + aggregatable: false + count: 0 + format: + id: number + isMapped: true + name: _score + readFromDocValues: false + scripted: false + searchable: false + shortDotsEnable: false + type: number + _source: + aggregatable: false + count: 0 + esTypes: + - _source + format: + id: _source + isMapped: true + name: _source + readFromDocValues: false + scripted: false + searchable: false + shortDotsEnable: false + type: _source + category: + aggregatable: false + count: 0 + esTypes: + - text + format: + id: string + isMapped: true + name: category + readFromDocValues: false + scripted: false + searchable: true + shortDotsEnable: false + type: string + category.keyword: + aggregatable: true + count: 0 + esTypes: + - keyword + format: + id: string + isMapped: true + name: category.keyword + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + subType: + multi: + parent: category + type: string + currency: + aggregatable: true + count: 0 + esTypes: + - keyword + format: + id: string + isMapped: true + name: currency + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: string + customer_birth_date: + aggregatable: true + count: 0 + esTypes: + - date + format: + id: date + isMapped: true + name: customer_birth_date + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: date + customer_first_name: + aggregatable: false + count: 0 + esTypes: + - text + format: + id: string + isMapped: true + name: customer_first_name + readFromDocValues: false + scripted: false + searchable: true + shortDotsEnable: false + type: string + customer_first_name.keyword: + aggregatable: true + count: 0 + esTypes: + - keyword + format: + id: string + isMapped: true + name: customer_first_name.keyword + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + subType: + multi: + parent: customer_first_name + type: string + customer_full_name: + aggregatable: false + count: 0 + esTypes: + - text + format: + id: string + isMapped: true + name: customer_full_name + readFromDocValues: false + scripted: false + searchable: true + shortDotsEnable: false + type: string + customer_full_name.keyword: + aggregatable: true + count: 0 + esTypes: + - keyword + format: + id: string + isMapped: true + name: customer_full_name.keyword + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + subType: + multi: + parent: customer_full_name + type: string + customer_gender: + aggregatable: true + count: 0 + esTypes: + - keyword + format: + id: string + isMapped: true + name: customer_gender + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: string + customer_id: + aggregatable: true + count: 0 + esTypes: + - keyword + format: + id: string + isMapped: true + name: customer_id + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: string + customer_last_name: + aggregatable: false + count: 0 + esTypes: + - text + format: + id: string + isMapped: true + name: customer_last_name + readFromDocValues: false + scripted: false + searchable: true + shortDotsEnable: false + type: string + customer_last_name.keyword: + aggregatable: true + count: 0 + esTypes: + - keyword + format: + id: string + isMapped: true + name: customer_last_name.keyword + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + subType: + multi: + parent: customer_last_name + type: string + customer_phone: + aggregatable: true + count: 0 + esTypes: + - keyword + format: + id: string + isMapped: true + name: customer_phone + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: string + day_of_week: + aggregatable: true + count: 0 + esTypes: + - keyword + format: + id: string + isMapped: true + name: day_of_week + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: string + day_of_week_i: + aggregatable: true + count: 0 + esTypes: + - integer + format: + id: number + isMapped: true + name: day_of_week_i + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: number + email: + aggregatable: true + count: 0 + esTypes: + - keyword + format: + id: string + isMapped: true + name: email + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: string + event.dataset: + aggregatable: true + count: 0 + esTypes: + - keyword + format: + id: string + isMapped: true + name: event.dataset + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: string + geoip.city_name: + aggregatable: true + count: 0 + esTypes: + - keyword + format: + id: string + isMapped: true + name: geoip.city_name + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: string + geoip.continent_name: + aggregatable: true + count: 0 + esTypes: + - keyword + format: + id: string + isMapped: true + name: geoip.continent_name + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: string + geoip.country_iso_code: + aggregatable: true + count: 0 + esTypes: + - keyword + format: + id: string + isMapped: true + name: geoip.country_iso_code + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: string + geoip.location: + aggregatable: true + count: 0 + esTypes: + - geo_point + format: + id: geo_point + params: + transform: wkt + isMapped: true + name: geoip.location + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: geo_point + geoip.region_name: + aggregatable: true + count: 0 + esTypes: + - keyword + format: + id: string + isMapped: true + name: geoip.region_name + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: string + manufacturer: + aggregatable: false + count: 0 + esTypes: + - text + format: + id: string + isMapped: true + name: manufacturer + readFromDocValues: false + scripted: false + searchable: true + shortDotsEnable: false + type: string + manufacturer.keyword: + aggregatable: true + count: 0 + esTypes: + - keyword + format: + id: string + isMapped: true + name: manufacturer.keyword + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + subType: + multi: + parent: manufacturer + type: string + order_date: + aggregatable: true + count: 0 + esTypes: + - date + format: + id: date + isMapped: true + name: order_date + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: date + order_id: + aggregatable: true + count: 0 + esTypes: + - keyword + format: + id: string + isMapped: true + name: order_id + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: string + products._id: + aggregatable: false + count: 0 + esTypes: + - text + format: + id: string + isMapped: true + name: products._id + readFromDocValues: false + scripted: false + searchable: true + shortDotsEnable: false + type: string + products._id.keyword: + aggregatable: true + count: 0 + esTypes: + - keyword + format: + id: string + isMapped: true + name: products._id.keyword + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + subType: + multi: + parent: products._id + type: string + products.base_price: + aggregatable: true + count: 0 + esTypes: + - half_float + format: + id: number + params: + pattern: $0,0.00 + isMapped: true + name: products.base_price + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: number + products.base_unit_price: + aggregatable: true + count: 0 + esTypes: + - half_float + format: + id: number + params: + pattern: $0,0.00 + isMapped: true + name: products.base_unit_price + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: number + products.category: + aggregatable: false + count: 0 + esTypes: + - text + format: + id: string + isMapped: true + name: products.category + readFromDocValues: false + scripted: false + searchable: true + shortDotsEnable: false + type: string + products.category.keyword: + aggregatable: true + count: 0 + esTypes: + - keyword + format: + id: string + isMapped: true + name: products.category.keyword + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + subType: + multi: + parent: products.category + type: string + products.created_on: + aggregatable: true + count: 0 + esTypes: + - date + format: + id: date + isMapped: true + name: products.created_on + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: date + products.discount_amount: + aggregatable: true + count: 0 + esTypes: + - half_float + format: + id: number + isMapped: true + name: products.discount_amount + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: number + products.discount_percentage: + aggregatable: true + count: 0 + esTypes: + - half_float + format: + id: number + isMapped: true + name: products.discount_percentage + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: number + products.manufacturer: + aggregatable: false + count: 1 + esTypes: + - text + format: + id: string + isMapped: true + name: products.manufacturer + readFromDocValues: false + scripted: false + searchable: true + shortDotsEnable: false + type: string + products.manufacturer.keyword: + aggregatable: true + count: 0 + esTypes: + - keyword + format: + id: string + isMapped: true + name: products.manufacturer.keyword + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + subType: + multi: + parent: products.manufacturer + type: string + products.min_price: + aggregatable: true + count: 0 + esTypes: + - half_float + format: + id: number + params: + pattern: $0,0.00 + isMapped: true + name: products.min_price + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: number + products.price: + aggregatable: true + count: 1 + esTypes: + - half_float + format: + id: number + params: + pattern: $0,0.00 + isMapped: true + name: products.price + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: number + products.product_id: + aggregatable: true + count: 0 + esTypes: + - long + format: + id: number + isMapped: true + name: products.product_id + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: number + products.product_name: + aggregatable: false + count: 1 + esTypes: + - text + format: + id: string + isMapped: true + name: products.product_name + readFromDocValues: false + scripted: false + searchable: true + shortDotsEnable: false + type: string + products.product_name.keyword: + aggregatable: true + count: 0 + esTypes: + - keyword + format: + id: string + isMapped: true + name: products.product_name.keyword + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + subType: + multi: + parent: products.product_name + type: string + products.quantity: + aggregatable: true + count: 0 + esTypes: + - integer + format: + id: number + isMapped: true + name: products.quantity + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: number + products.sku: + aggregatable: true + count: 0 + esTypes: + - keyword + format: + id: string + isMapped: true + name: products.sku + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: string + products.tax_amount: + aggregatable: true + count: 0 + esTypes: + - half_float + format: + id: number + isMapped: true + name: products.tax_amount + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: number + products.taxful_price: + aggregatable: true + count: 0 + esTypes: + - half_float + format: + id: number + params: + pattern: $0,0.00 + isMapped: true + name: products.taxful_price + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: number + products.taxless_price: + aggregatable: true + count: 0 + esTypes: + - half_float + format: + id: number + params: + pattern: $0,0.00 + isMapped: true + name: products.taxless_price + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: number + products.unit_discount_amount: + aggregatable: true + count: 0 + esTypes: + - half_float + format: + id: number + isMapped: true + name: products.unit_discount_amount + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: number + sku: + aggregatable: true + count: 0 + esTypes: + - keyword + format: + id: string + isMapped: true + name: sku + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: string + taxful_total_price: + aggregatable: true + count: 0 + esTypes: + - half_float + format: + id: number + params: + pattern: $0,0.[00] + isMapped: true + name: taxful_total_price + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: number + taxless_total_price: + aggregatable: true + count: 0 + esTypes: + - half_float + format: + id: number + params: + pattern: $0,0.00 + isMapped: true + name: taxless_total_price + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: number + total_quantity: + aggregatable: true + count: 1 + esTypes: + - integer + format: + id: number + isMapped: true + name: total_quantity + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: number + total_unique_products: + aggregatable: true + count: 0 + esTypes: + - integer + format: + id: number + isMapped: true + name: total_unique_products + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: number + type: + aggregatable: true + count: 0 + esTypes: + - keyword + format: + id: string + isMapped: true + name: type + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: string + user: + aggregatable: true + count: 0 + esTypes: + - keyword + format: + id: string + isMapped: true + name: user + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: string + id: ff959d40-b880-11e8-a6d9-e546fe2bba5f + name: Kibana Sample Data eCommerce + namespaces: + - default + runtimeFieldMap: {} + sourceFilters: [] + timeFieldName: order_date + title: kibana_sample_data_ecommerce + typeMeta: {} + version: WzUsMV0= + Data_views_get_data_views_response: + summary: The get all data views API returns a list of data views. + value: + data_view: + - id: ff959d40-b880-11e8-a6d9-e546fe2bba5f + name: Kibana Sample Data eCommerce + namespaces: + - default + title: kibana_sample_data_ecommerce + typeMeta: {} + - id: d3d7af60-4c81-11e8-b3d7-01146121b73d + name: Kibana Sample Data Flights + namespaces: + - default + title: kibana_sample_data_flights + - id: 90943e30-9a47-11e8-b64d-95841ca0b247 + name: Kibana Sample Data Logs + namespaces: + - default + title: kibana_sample_data_logs + Data_views_get_default_data_view_response: + summary: The get default data view API returns the default data view identifier. + value: + data_view_id: ff959d40-b880-11e8-a6d9-e546fe2bba5f + Data_views_get_runtime_field_response: + summary: >- + The get runtime field API returns a JSON object that contains + information about the runtime field (`hour_of_day`) and the data view + (`d3d7af60-4c81-11e8-b3d7-01146121b73d`). + value: + data_view: + allowNoIndex: false + fieldAttrs: {} + fieldFormats: + AvgTicketPrice: + id: number + params: + pattern: $0,0.[00] + hour_of_day: + id: number + params: + pattern: '00' + fields: + _id: + aggregatable: false + count: 0 + esTypes: + - _id + format: + id: string + isMapped: true + name: _id + readFromDocValues: false + scripted: false + searchable: true + shortDotsEnable: false + type: string + _index: + aggregatable: true + count: 0 + esTypes: + - _index + format: + id: string + isMapped: true + name: _index + readFromDocValues: false + scripted: false + searchable: true + shortDotsEnable: false + type: string + _score: + aggregatable: false + count: 0 + format: + id: number + isMapped: true + name: _score + readFromDocValues: false + scripted: false + searchable: false + shortDotsEnable: false + type: number + _source: + aggregatable: false + count: 0 + esTypes: + - _source + format: + id: _source + isMapped: true + name: _source + readFromDocValues: false + scripted: false + searchable: false + shortDotsEnable: false + type: _source + AvgTicketPrice: + aggregatable: true + count: 0 + esTypes: + - float + format: + id: number + params: + pattern: $0,0.[00] + isMapped: true + name: AvgTicketPrice + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: number + Cancelled: + aggregatable: true + count: 0 + esTypes: + - boolean + format: + id: boolean + isMapped: true + name: Cancelled + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: boolean + Carrier: + aggregatable: true + count: 0 + esTypes: + - keyword + format: + id: string + isMapped: true + name: Carrier + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: string + dayOfWeek: + aggregatable: true + count: 0 + esTypes: + - integer + format: + id: number + isMapped: true + name: dayOfWeek + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: number + Dest: + aggregatable: true + count: 0 + esTypes: + - keyword + format: + id: string + isMapped: true + name: Dest + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: string + DestAirportID: + aggregatable: true + count: 0 + esTypes: + - keyword + format: + id: string + isMapped: true + name: DestAirportID + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: string + DestCityName: + aggregatable: true + count: 0 + esTypes: + - keyword + format: + id: string + isMapped: true + name: DestCityName + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: string + DestCountry: + aggregatable: true + count: 0 + esTypes: + - keyword + format: + id: string + isMapped: true + name: DestCountry + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: string + DestLocation: + aggregatable: true + count: 0 + esTypes: + - geo_point + format: + id: geo_point + params: + transform: wkt + isMapped: true + name: DestLocation + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: geo_point + DestRegion: + aggregatable: true + count: 0 + esTypes: + - keyword + format: + id: string + isMapped: true + name: DestRegion + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: string + DestWeather: + aggregatable: true + count: 0 + esTypes: + - keyword + format: + id: string + isMapped: true + name: DestWeather + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: string + DistanceKilometers: + aggregatable: true + count: 0 + esTypes: + - float + format: + id: number + isMapped: true + name: DistanceKilometers + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: number + DistanceMiles: + aggregatable: true + count: 0 + esTypes: + - float + format: + id: number + isMapped: true + name: DistanceMiles + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: number + FlightDelay: + aggregatable: true + count: 0 + esTypes: + - boolean + format: + id: boolean + isMapped: true + name: FlightDelay + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: boolean + FlightDelayMin: + aggregatable: true + count: 0 + esTypes: + - integer + format: + id: number + isMapped: true + name: FlightDelayMin + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: number + FlightDelayType: + aggregatable: true + count: 0 + esTypes: + - keyword + format: + id: string + isMapped: true + name: FlightDelayType + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: string + FlightNum: + aggregatable: true + count: 0 + esTypes: + - keyword + format: + id: string + isMapped: true + name: FlightNum + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: string + FlightTimeHour: + aggregatable: true + count: 0 + esTypes: + - keyword + format: + id: string + isMapped: true + name: FlightTimeHour + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: string + FlightTimeMin: + aggregatable: true + count: 0 + esTypes: + - float + format: + id: number + isMapped: true + name: FlightTimeMin + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: number + hour_of_day: + aggregatable: true + count: 0 + esTypes: + - long + format: + id: number + params: + pattern: '00' + name: hour_of_day + readFromDocValues: false + runtimeField: + script: + source: emit(doc['timestamp'].value.getHour()); + type: long + scripted: false + searchable: true + shortDotsEnable: false + type: number + Origin: + aggregatable: true + count: 0 + esTypes: + - keyword + format: + id: string + isMapped: true + name: Origin + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: string + OriginAirportID: + aggregatable: true + count: 0 + esTypes: + - keyword + format: + id: string + isMapped: true + name: OriginAirportID + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: string + OriginCityName: + aggregatable: true + count: 0 + esTypes: + - keyword + format: + id: string + isMapped: true + name: OriginCityName + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: string + OriginCountry: + aggregatable: true + count: 0 + esTypes: + - keyword + format: + id: string + isMapped: true + name: OriginCountry + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: string + OriginLocation: + aggregatable: true + count: 0 + esTypes: + - geo_point + format: + id: geo_point + params: + transform: wkt + isMapped: true + name: OriginLocation + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: geo_point + OriginRegion: + aggregatable: true + count: 0 + esTypes: + - keyword + format: + id: string + isMapped: true + name: OriginRegion + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: string + OriginWeather: + aggregatable: true + count: 0 + esTypes: + - keyword + format: + id: string + isMapped: true + name: OriginWeather + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: string + timestamp: + aggregatable: true + count: 0 + esTypes: + - date + format: + id: date + isMapped: true + name: timestamp + readFromDocValues: true + scripted: false + searchable: true + shortDotsEnable: false + type: date + id: d3d7af60-4c81-11e8-b3d7-01146121b73d + name: Kibana Sample Data Flights + runtimeFieldMap: + hour_of_day: + script: + source: emit(doc['timestamp'].value.getHour()); + type: long + sourceFilters: [] + timeFieldName: timestamp + title: kibana_sample_data_flights + version: WzM2LDJd + fields: + - aggregatable: true + count: 0 + esTypes: + - long + name: hour_of_day + readFromDocValues: false + runtimeField: + script: + source: emit(doc['timestamp'].value.getHour()); + type: long + scripted: false + searchable: true + shortDotsEnable: false + type: number + Data_views_preview_swap_data_view_request: + summary: Preview swapping references from data view ID "abcd-efg" to "xyz-123". + value: + fromId: abcd-efg + toId: xyz-123 + Data_views_set_default_data_view_request: + summary: Set the default data view identifier. + value: + data_view_id: ff959d40-b880-11e8-a6d9-e546fe2bba5f + force: true + Data_views_swap_data_view_request: + summary: >- + Swap references from data view ID "abcd-efg" to "xyz-123" and remove the + data view that is no longer referenced. + value: + delete: true + fromId: abcd-efg + toId: xyz-123 + Data_views_update_data_view_request: + summary: Update some properties for a data view. + value: + data_view: + allowNoIndex: false + name: Kibana Sample Data eCommerce + timeFieldName: order_date + title: kibana_sample_data_ecommerce + refresh_fields: true + Data_views_update_field_metadata_request: + summary: Update metadata for multiple fields. + value: + fields: + field1: + count: 123 + customLabel: Field 1 label + field2: + customDescription: Field 2 description + customLabel: Field 2 label + Data_views_update_runtime_field_request: + summary: Update an existing runtime field on a data view. + value: + runtimeField: + script: + source: emit(doc["bar"].value) + Machine_learning_APIs_mlSyncExample: + summary: Two anomaly detection jobs required synchronization in this example. + value: + datafeedsAdded: {} + datafeedsRemoved: {} + savedObjectsCreated: + anomaly-detector: + myjob1: + success: true + myjob2: + success: true + savedObjectsDeleted: {} + Saved_objects_export_objects_request: + summary: Export a specific saved object. + value: + excludeExportDetails: true + includeReferencesDeep: false + objects: + - id: de71f4f0-1902-11e9-919b-ffe5949a18d2 + type: map + Saved_objects_export_objects_response: + summary: >- + The export objects API response contains a JSON record for each exported + object. + value: + attributes: + description: '' + layerListJSON: >- + [{"id":"0hmz5","alpha":1,"sourceDescriptor":{"type":"EMS_TMS","isAutoSelect":true,"lightModeDefault":"road_map_desaturated"},"visible":true,"style":{},"type":"EMS_VECTOR_TILE","minZoom":0,"maxZoom":24},{"id":"edh66","label":"Total + Requests by + Destination","minZoom":0,"maxZoom":24,"alpha":0.5,"sourceDescriptor":{"type":"EMS_FILE","id":"world_countries","tooltipProperties":["name","iso2"]},"visible":true,"style":{"type":"VECTOR","properties":{"fillColor":{"type":"DYNAMIC","options":{"field":{"name":"__kbnjoin__count__673ff994-fc75-4c67-909b-69fcb0e1060e","origin":"join"},"color":"Greys","fieldMetaOptions":{"isEnabled":false,"sigma":3}}},"lineColor":{"type":"STATIC","options":{"color":"#FFFFFF"}},"lineWidth":{"type":"STATIC","options":{"size":1}},"iconSize":{"type":"STATIC","options":{"size":10}},"symbolizeAs":{"options":{"value":"circle"}},"icon":{"type":"STATIC","options":{"value":"marker"}}}},"type":"GEOJSON_VECTOR","joins":[{"leftField":"iso2","right":{"type":"ES_TERM_SOURCE","id":"673ff994-fc75-4c67-909b-69fcb0e1060e","indexPatternTitle":"kibana_sample_data_logs","term":"geo.dest","indexPatternRefName":"layer_1_join_0_index_pattern","metrics":[{"type":"count","label":"web + logs + count"}],"applyGlobalQuery":true}}]},{"id":"gaxya","label":"Actual + Requests","minZoom":9,"maxZoom":24,"alpha":1,"sourceDescriptor":{"id":"b7486535-171b-4d3b-bb2e-33c1a0a2854c","type":"ES_SEARCH","geoField":"geo.coordinates","limit":2048,"filterByMapBounds":true,"tooltipProperties":["clientip","timestamp","host","request","response","machine.os","agent","bytes"],"indexPatternRefName":"layer_2_source_index_pattern","applyGlobalQuery":true,"scalingType":"LIMIT"},"visible":true,"style":{"type":"VECTOR","properties":{"fillColor":{"type":"STATIC","options":{"color":"#2200ff"}},"lineColor":{"type":"STATIC","options":{"color":"#FFFFFF"}},"lineWidth":{"type":"STATIC","options":{"size":2}},"iconSize":{"type":"DYNAMIC","options":{"field":{"name":"bytes","origin":"source"},"minSize":1,"maxSize":23,"fieldMetaOptions":{"isEnabled":false,"sigma":3}}},"symbolizeAs":{"options":{"value":"circle"}},"icon":{"type":"STATIC","options":{"value":"marker"}}}},"type":"GEOJSON_VECTOR"},{"id":"tfi3f","label":"Total + Requests and + Bytes","minZoom":0,"maxZoom":9,"alpha":1,"sourceDescriptor":{"type":"ES_GEO_GRID","resolution":"COARSE","id":"8aaa65b5-a4e9-448b-9560-c98cb1c5ac5b","geoField":"geo.coordinates","requestType":"point","metrics":[{"type":"count","label":"web + logs + count"},{"type":"sum","field":"bytes"}],"indexPatternRefName":"layer_3_source_index_pattern","applyGlobalQuery":true},"visible":true,"style":{"type":"VECTOR","properties":{"fillColor":{"type":"DYNAMIC","options":{"field":{"name":"doc_count","origin":"source"},"color":"Blues","fieldMetaOptions":{"isEnabled":false,"sigma":3}}},"lineColor":{"type":"STATIC","options":{"color":"#cccccc"}},"lineWidth":{"type":"STATIC","options":{"size":1}},"iconSize":{"type":"DYNAMIC","options":{"field":{"name":"sum_of_bytes","origin":"source"},"minSize":7,"maxSize":25,"fieldMetaOptions":{"isEnabled":false,"sigma":3}}},"labelText":{"type":"DYNAMIC","options":{"field":{"name":"doc_count","origin":"source"},"fieldMetaOptions":{"isEnabled":false,"sigma":3}}},"labelSize":{"type":"DYNAMIC","options":{"field":{"name":"doc_count","origin":"source"},"minSize":12,"maxSize":24,"fieldMetaOptions":{"isEnabled":false,"sigma":3}}},"symbolizeAs":{"options":{"value":"circle"}},"icon":{"type":"STATIC","options":{"value":"marker"}}}},"type":"GEOJSON_VECTOR"}] + mapStateJSON: >- + {"zoom":3.64,"center":{"lon":-88.92107,"lat":42.16337},"timeFilters":{"from":"now-7d","to":"now"},"refreshConfig":{"isPaused":true,"interval":0},"query":{"language":"kuery","query":""},"settings":{"autoFitToDataBounds":false}} + title: '[Logs] Total Requests and Bytes' + uiStateJSON: '{"isDarkMode":false}' + coreMigrationVersion: 8.8.0 + created_at: '2023-08-23T20:03:32.204Z' + id: de71f4f0-1902-11e9-919b-ffe5949a18d2 + managed: false + references: + - id: 90943e30-9a47-11e8-b64d-95841ca0b247 + name: layer_1_join_0_index_pattern + type: index-pattern + - id: 90943e30-9a47-11e8-b64d-95841ca0b247 + name: layer_2_source_index_pattern + type: index-pattern + - id: 90943e30-9a47-11e8-b64d-95841ca0b247 + name: layer_3_source_index_pattern + type: index-pattern + type: map + typeMigrationVersion: 8.4.0 + updated_at: '2023-08-23T20:03:32.204Z' + version: WzEzLDFd + Saved_objects_import_objects_request: + value: + file: file.ndjson + Saved_objects_import_objects_response: + summary: >- + The import objects API response indicates a successful import and the + objects are created. Since these objects are created as new copies, each + entry in the successResults array includes a destinationId attribute. + value: + success: true + successCount: 1 + successResults: + - destinationId: 82d2760c-468f-49cf-83aa-b9a35b6a8943 + id: 90943e30-9a47-11e8-b64d-95841ca0b247 + managed: false + meta: + icon: indexPatternApp + title: Kibana Sample Data Logs + type: index-pattern + Saved_objects_key_rotation_response: + summary: Encryption key rotation using default parameters. + value: + failed: 0 + successful: 300 + total: 1000 + Saved_objects_resolve_missing_reference_request: + value: + file: file.ndjson + retries: + - id: my-pattern + overwrite: true + type: index-pattern + - destinationId: another-vis + id: my-vis + overwrite: true + type: visualization + - destinationId: yet-another-canvas + id: my-canvas + overwrite: true + type: canvas + - id: my-dashboard + type: dashboard + Saved_objects_resolve_missing_reference_response: + summary: Resolve missing reference errors. + value: + success: true + successCount: 3 + successResults: + - id: my-vis + meta: + icon: visualizeApp + title: Look at my visualization + type: visualization + - id: my-search + meta: + icon: searchApp + title: Look at my search + type: search + - id: my-dashboard + meta: + icon: dashboardApp + title: Look at my dashboard + type: dashboard + parameters: + Alerting_kbn_xsrf: + description: Cross-site request forgery protection + in: header + name: kbn-xsrf + required: true + schema: + type: string + Cases_alert_id: + description: An identifier for the alert. + in: path + name: alertId + required: true + schema: + example: 09f0c261e39e36351d75995b78bb83673774d1bc2cca9df2d15f0e5c0a99a540 + type: string + Cases_assignees: + description: > + Filters the returned cases by assignees. Valid values are `none` or + unique identifiers for the user profiles. These identifiers can be found + by using the suggest user profile API. + in: query + name: assignees + schema: + oneOf: + - type: string + - items: + type: string + maxItems: 100 + type: array + Cases_case_id: + description: >- + The identifier for the case. To retrieve case IDs, use the find cases + API. All non-ASCII characters must be URL encoded. + in: path + name: caseId + required: true + schema: + example: 9c235210-6834-11ea-a78c-6ffb38a34414 + type: string + Cases_category: + description: Filters the returned cases by category. + in: query + name: category + schema: + oneOf: + - example: my-category + type: string + - items: + type: string + maxItems: 100 + type: array + Cases_comment_id: + description: > + The identifier for the comment. To retrieve comment IDs, use the get + case or find cases APIs. + in: path + name: commentId + required: true + schema: + example: 71ec1870-725b-11ea-a0b2-c51ea50a58e2 + type: string + Cases_configuration_id: + description: An identifier for the configuration. + in: path + name: configurationId + required: true + schema: + example: 3297a0f0-b5ec-11ec-b141-0fdb20a7f9a9 + type: string + Cases_connector_id: + description: >- + An identifier for the connector. To retrieve connector IDs, use the find + connectors API. + in: path + name: connectorId + required: true + schema: + example: abed3a70-71bd-11ea-a0b2-c51ea50a58e2 + type: string + Cases_defaultSearchOperator: + description: he default operator to use for the simple_query_string. + example: OR + in: query + name: defaultSearchOperator + schema: + default: OR + type: string + Cases_from: + description: > + Returns only cases that were created after a specific date. The date + must be specified as a KQL data range or date match expression. + in: query + name: from + schema: + example: now-1d + type: string + Cases_ids: + description: > + The cases that you want to removed. All non-ASCII characters must be URL + encoded. + example: d4e7abb0-b462-11ec-9a8d-698504725a43 + in: query + name: ids + required: true + schema: + items: + maxItems: 100 + minItems: 1 + type: string + type: array + Cases_includeComments: + deprecated: true + description: >- + Deprecated in 8.1.0. This parameter is deprecated and will be removed in + a future release. It determines whether case comments are returned. + in: query + name: includeComments + schema: + default: true + type: boolean + Cases_kbn_xsrf: + description: Cross-site request forgery protection + in: header + name: kbn-xsrf + required: true + schema: + type: string + Cases_owner: + description: > + A filter to limit the response to a specific set of applications. If + this parameter is omitted, the response contains information about all + the cases that the user has access to read. + example: cases + in: query + name: owner + schema: + oneOf: + - $ref: '#/components/schemas/Cases_owners' + - items: + $ref: '#/components/schemas/Cases_owners' + type: array + Cases_page_index: + description: The page number to return. + in: query + name: page + required: false + schema: + default: 1 + type: integer + Cases_page_size: + description: The number of items to return. Limited to 100 items. + in: query + name: perPage + required: false + schema: + default: 20 + maximum: 100 + type: integer + Cases_reporters: + description: Filters the returned cases by the user name of the reporter. + example: elastic + in: query + name: reporters + schema: + oneOf: + - type: string + - items: + type: string + maxItems: 100 + type: array + Cases_search: + description: >- + An Elasticsearch simple_query_string query that filters the objects in + the response. + in: query + name: search + schema: + type: string + Cases_searchFields: + description: The fields to perform the simple_query_string parsed query against. + in: query + name: searchFields + schema: + oneOf: + - $ref: '#/components/schemas/Cases_searchFieldsType' + - items: + $ref: '#/components/schemas/Cases_searchFieldsType' + type: array + Cases_severity: + description: The severity of the case. + in: query + name: severity + schema: + enum: + - critical + - high + - low + - medium + type: string + Cases_sort_order: + description: Determines the sort order. + in: query + name: sortOrder + required: false + schema: + default: desc + enum: + - asc + - desc + type: string + Cases_sortField: + description: Determines which field is used to sort the results. + example: updatedAt + in: query + name: sortField + schema: + default: createdAt + enum: + - createdAt + - updatedAt + - closedAt + - title + - category + - status + - severity + type: string + Cases_status: + description: Filters the returned cases by state. + example: open + in: query + name: status + schema: + enum: + - closed + - in-progress + - open + type: string + Cases_tags: + description: Filters the returned cases by tags. + example: tag-1 + in: query + name: tags + schema: + oneOf: + - type: string + - items: + type: string + maxItems: 100 + type: array + Cases_to: + description: > + Returns only cases that were created before a specific date. The date + must be specified as a KQL data range or date match expression. + example: now+1d + in: query + name: to + schema: + type: string + Cases_user_action_types: + description: Determines the types of user actions to return. + example: create_case + in: query + name: types + schema: + items: + enum: + - action + - alert + - assignees + - attachment + - comment + - connector + - create_case + - description + - pushed + - settings + - severity + - status + - tags + - title + - user + type: string + type: array + Data_views_field_name: + description: The name of the runtime field. + in: path + name: fieldName + required: true + schema: + example: hour_of_day + type: string + Data_views_kbn_xsrf: + description: Cross-site request forgery protection + in: header + name: kbn-xsrf + required: true + schema: + type: string + Data_views_view_id: + description: An identifier for the data view. + in: path + name: viewId + required: true + schema: + example: ff959d40-b880-11e8-a6d9-e546fe2bba5f + type: string + Fleet_format: + description: Simplified or legacy format for package inputs + in: query + name: format + required: false + schema: + enum: + - simplified + - legacy + type: string + Fleet_kbn_xsrf: + description: Kibana's anti Cross-Site Request Forgery token. Can be any string value. + in: header + name: kbn-xsrf + required: true + schema: + type: string + Fleet_kuery: + in: query + name: kuery + required: false + schema: + type: string + Fleet_page_index: + in: query + name: page + required: false + schema: + default: 1 + type: integer + Fleet_page_size: + description: The number of items to return + in: query + name: perPage + required: false + schema: + default: 20 + type: integer + Fleet_show_inactive: + in: query + name: showInactive + required: false + schema: + type: boolean + Fleet_show_upgradeable: + in: query + name: showUpgradeable + required: false + schema: + type: boolean + Fleet_sort_field: + in: query + name: sortField + required: false + schema: + deprecated: true + type: string + Fleet_sort_order: + in: query + name: sortOrder + required: false + schema: + enum: + - asc + - desc + type: string + Fleet_with_metrics: + description: Return agent metrics, false by default + in: query + name: withMetrics + required: false + schema: + type: boolean + Machine_learning_APIs_simulateParam: + description: >- + When true, simulates the synchronization by returning only the list of + actions that would be performed. + example: 'true' + in: query + name: simulate + required: false + schema: + type: boolean + Saved_objects_kbn_xsrf: + description: Cross-site request forgery protection + in: header + name: kbn-xsrf + required: true + schema: + type: string + Saved_objects_saved_object_id: + description: An identifier for the saved object. + in: path + name: id + required: true + schema: + type: string + Saved_objects_saved_object_type: + description: >- + Valid options include `visualization`, `dashboard`, `search`, + `index-pattern`, `config`. + in: path + name: type + required: true + schema: + type: string + SLOs_kbn_xsrf: + description: Cross-site request forgery protection + in: header + name: kbn-xsrf + required: true + schema: + type: string + SLOs_slo_id: + description: An identifier for the slo. + in: path + name: sloId + required: true + schema: + example: 9c235211-6834-11ea-a78c-6feb38a34414 + type: string + SLOs_space_id: + description: >- + An identifier for the space. If `/s/` and the identifier are omitted + from the path, the default space is used. + in: path + name: spaceId + required: true + schema: + example: default + type: string + responses: + Fleet_error: + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: number + description: Generic Error + schemas: + Alerting_401_response: + properties: + error: + enum: + - Unauthorized + example: Unauthorized + type: string + message: + type: string + statusCode: + enum: + - 401 + example: 401 + type: integer + title: Unsuccessful rule API response + type: object + Alerting_alert_response_properties: + title: Legacy alert response properties + type: object + properties: + actions: + items: + type: object + type: array + alertTypeId: + example: .index-threshold + type: string + apiKeyOwner: + example: elastic + nullable: true + type: string + createdAt: + description: The date and time that the alert was created. + example: '2022-12-05T23:36:58.284Z' + format: date-time + type: string + createdBy: + description: The identifier for the user that created the alert. + example: elastic + type: string + enabled: + description: Indicates whether the alert is currently enabled. + example: true + type: boolean + executionStatus: + type: object + properties: + lastExecutionDate: + example: '2022-12-06T00:13:43.890Z' + format: date-time + type: string + status: + example: ok + type: string + id: + description: The identifier for the alert. + example: b530fed0-74f5-11ed-9801-35303b735aef + type: string + muteAll: + example: false + type: boolean + mutedInstanceIds: + items: + type: string + nullable: true + type: array + name: + description: The name of the alert. + example: my alert + type: string + notifyWhen: + example: onActionGroupChange + type: string + params: + additionalProperties: true + type: object + schedule: + type: object + properties: + interval: + type: string + scheduledTaskId: + example: b530fed0-74f5-11ed-9801-35303b735aef + type: string + tags: + items: + type: string + type: array + throttle: + nullable: true + type: string + updatedAt: + example: '2022-12-05T23:36:58.284Z' + type: string + updatedBy: + description: The identifier for the user that updated this alert most recently. + example: elastic + nullable: true + type: string + Alerting_fieldmap_properties: + title: Field map objects in the get rule types response + type: object + properties: + array: + description: Indicates whether the field is an array. + type: boolean + dynamic: + description: Indicates whether it is a dynamic field mapping. + type: boolean + format: + description: > + Indicates the format of the field. For example, if the `type` is + `date_range`, the `format` can be + `epoch_millis||strict_date_optional_time`. + type: string + ignore_above: + description: >- + Specifies the maximum length of a string field. Longer strings are + not indexed or stored. + type: integer + index: + description: Indicates whether field values are indexed. + type: boolean + path: + description: TBD + type: string + properties: + additionalProperties: + type: object + properties: + type: + description: The data type for each object property. + type: string + description: > + Details about the object properties. This property is applicable + when `type` is `object`. + type: object + required: + description: Indicates whether the field is required. + type: boolean + scaling_factor: + description: > + The scaling factor to use when encoding values. This property is + applicable when `type` is `scaled_float`. Values will be multiplied + by this factor at index time and rounded to the closest long value. + type: integer + type: + description: Specifies the data type for the field. + example: scaled_float + type: string + Cases_4xx_response: + properties: + error: + example: Unauthorized + type: string + message: + type: string + statusCode: + example: 401 + type: integer + title: Unsuccessful cases API response + type: object + Cases_action_types: + description: The type of action. + enum: + - assignees + - create_case + - comment + - connector + - delete_case + - description + - pushed + - tags + - title + - status + - settings + - severity + example: create_case + type: string + Cases_actions: + enum: + - add + - create + - delete + - push_to_service + - update + example: create + type: string + Cases_add_alert_comment_request_properties: + description: Defines properties for case comment requests when type is alert. + type: object + properties: + alertId: + $ref: '#/components/schemas/Cases_alert_identifiers' + index: + $ref: '#/components/schemas/Cases_alert_indices' + owner: + $ref: '#/components/schemas/Cases_owners' + rule: + $ref: '#/components/schemas/Cases_rule' + type: + description: The type of comment. + enum: + - alert + example: alert + type: string + required: + - alertId + - index + - owner + - rule + - type + title: Add case comment request properties for alerts + Cases_add_case_comment_request: + description: >- + The add comment to case API request body varies depending on whether you + are adding an alert or a comment. + discriminator: + mapping: + alert: '#/components/schemas/Cases_add_alert_comment_request_properties' + user: '#/components/schemas/Cases_add_user_comment_request_properties' + propertyName: type + oneOf: + - $ref: '#/components/schemas/Cases_add_alert_comment_request_properties' + - $ref: '#/components/schemas/Cases_add_user_comment_request_properties' + title: Add case comment request + Cases_add_user_comment_request_properties: + description: Defines properties for case comment requests when type is user. + properties: + comment: + description: The new comment. It is required only when `type` is `user`. + example: A new comment. + maxLength: 30000 + type: string + owner: + $ref: '#/components/schemas/Cases_owners' + type: + description: The type of comment. + enum: + - user + example: user + type: string + required: + - comment + - owner + - type + title: Add case comment request properties for user comments + type: object + Cases_alert_comment_response_properties: + title: Add case comment response properties for alerts + type: object + properties: + alertId: + items: + example: a6e12ac4-7bce-457b-84f6-d7ce8deb8446 + type: string + type: array + created_at: + example: '2023-11-06T19:29:38.424Z' + format: date-time + type: string + created_by: + type: object + properties: + email: + example: null + nullable: true + type: string + full_name: + example: null + nullable: true + type: string + profile_uid: + example: u_J41Oh6L9ki-Vo2tOogS8WRTENzhHurGtRc87NgEAlkc_0 + type: string + username: + example: elastic + nullable: true + type: string + required: + - email + - full_name + - username + id: + example: 73362370-ab1a-11ec-985f-97e55adae8b9 + type: string + index: + items: + example: .internal.alerts-security.alerts-default-000001 + type: string + type: array + owner: + $ref: '#/components/schemas/Cases_owners' + pushed_at: + example: null + format: date-time + nullable: true + type: string + pushed_by: + nullable: true + type: object + properties: + email: + example: null + nullable: true + type: string + full_name: + example: null + nullable: true + type: string + profile_uid: + example: u_J41Oh6L9ki-Vo2tOogS8WRTENzhHurGtRc87NgEAlkc_0 + type: string + username: + example: elastic + nullable: true + type: string + required: + - email + - full_name + - username + rule: + type: object + properties: + id: + description: The rule identifier. + example: 94d80550-aaf4-11ec-985f-97e55adae8b9 + type: string + name: + description: The rule name. + example: security_rule + type: string + type: + enum: + - alert + example: alert + type: string + updated_at: + format: date-time + nullable: true + type: string + updated_by: + nullable: true + type: object + properties: + email: + example: null + nullable: true + type: string + full_name: + example: null + nullable: true + type: string + profile_uid: + example: u_J41Oh6L9ki-Vo2tOogS8WRTENzhHurGtRc87NgEAlkc_0 + type: string + username: + example: elastic + nullable: true + type: string + required: + - email + - full_name + - username + version: + example: WzMwNDgsMV0= + type: string + required: + - type + Cases_alert_identifiers: + description: > + The alert identifiers. It is required only when `type` is `alert`. You + can use an array of strings to add multiple alerts to a case, provided + that they all relate to the same rule; `index` must also be an array + with the same length or number of elements. Adding multiple alerts in + this manner is recommended rather than calling the API multiple times. + This functionality is in technical preview and may be changed or removed + in a future release. Elastic will work to fix any issues, but features + in technical preview are not subject to the support SLA of official GA + features. + example: 6b24c4dc44bc720cfc92797f3d61fff952f2b2627db1fb4f8cc49f4530c4ff42 + oneOf: + - type: string + - items: + type: string + maxItems: 1000 + type: array + title: Alert identifiers + x-technical-preview: true + Cases_alert_indices: + description: > + The alert indices. It is required only when `type` is `alert`. If you + are adding multiple alerts to a case, use an array of strings; the + position of each index name in the array must match the position of the + corresponding alert identifier in the `alertId` array. This + functionality is in technical preview and may be changed or removed in a + future release. Elastic will work to fix any issues, but features in + technical preview are not subject to the support SLA of official GA + features. + oneOf: + - type: string + - items: + type: string + maxItems: 1000 + type: array + title: Alert indices + x-technical-preview: true + Cases_alert_response_properties: + type: object + properties: + attached_at: + format: date-time + type: string + id: + description: The alert identifier. + type: string + index: + description: The alert index. + type: string + Cases_assignees: + description: An array containing users that are assigned to the case. + items: + type: object + properties: + uid: + description: >- + A unique identifier for the user profile. These identifiers can be + found by using the suggest user profile API. + example: u_0wpfV1MqYDaXzLtRVY-gLMrddKDEmfz51Fszhj7hWC8_0 + type: string + required: + - uid + maxItems: 10 + nullable: true + type: array + Cases_case_category: + description: A word or phrase that categorizes the case. + maxLength: 50 + type: string + Cases_case_description: + description: The description for the case. + maxLength: 30000 + type: string + Cases_case_response_closed_by_properties: + nullable: true + properties: + email: + example: null + nullable: true + type: string + full_name: + example: null + nullable: true + type: string + profile_uid: + example: u_J41Oh6L9ki-Vo2tOogS8WRTENzhHurGtRc87NgEAlkc_0 + type: string + username: + example: elastic + nullable: true + type: string + required: + - email + - full_name + - username + title: Case response properties for closed_by + type: object + Cases_case_response_created_by_properties: + title: Case response properties for created_by + type: object + properties: + email: + example: null + nullable: true + type: string + full_name: + example: null + nullable: true + type: string + profile_uid: + example: u_J41Oh6L9ki-Vo2tOogS8WRTENzhHurGtRc87NgEAlkc_0 + type: string + username: + example: elastic + nullable: true + type: string + required: + - email + - full_name + - username + Cases_case_response_properties: + title: Case response properties + type: object + properties: + assignees: + $ref: '#/components/schemas/Cases_assignees' + category: + description: The case category. + nullable: true + type: string + closed_at: + format: date-time + nullable: true + type: string + closed_by: + $ref: '#/components/schemas/Cases_case_response_closed_by_properties' + comments: + description: An array of comment objects for the case. + items: + discriminator: + mapping: + alert: '#/components/schemas/Cases_alert_comment_response_properties' + user: '#/components/schemas/Cases_user_comment_response_properties' + propertyName: type + oneOf: + - $ref: '#/components/schemas/Cases_alert_comment_response_properties' + - $ref: '#/components/schemas/Cases_user_comment_response_properties' + maxItems: 10000 + title: Case response properties for comments + type: array + connector: + discriminator: + mapping: + .cases-webhook: '#/components/schemas/Cases_connector_properties_cases_webhook' + .jira: '#/components/schemas/Cases_connector_properties_jira' + .none: '#/components/schemas/Cases_connector_properties_none' + .resilient: '#/components/schemas/Cases_connector_properties_resilient' + .servicenow: '#/components/schemas/Cases_connector_properties_servicenow' + .servicenow-sir: '#/components/schemas/Cases_connector_properties_servicenow_sir' + .swimlane: '#/components/schemas/Cases_connector_properties_swimlane' + propertyName: type + oneOf: + - $ref: '#/components/schemas/Cases_connector_properties_none' + - $ref: '#/components/schemas/Cases_connector_properties_cases_webhook' + - $ref: '#/components/schemas/Cases_connector_properties_jira' + - $ref: '#/components/schemas/Cases_connector_properties_resilient' + - $ref: '#/components/schemas/Cases_connector_properties_servicenow' + - $ref: '#/components/schemas/Cases_connector_properties_servicenow_sir' + - $ref: '#/components/schemas/Cases_connector_properties_swimlane' + title: Case response properties for connectors + created_at: + example: '2022-05-13T09:16:17.416Z' + format: date-time + type: string + created_by: + $ref: '#/components/schemas/Cases_case_response_created_by_properties' + customFields: + description: Custom field values for the case. + items: + type: object + properties: + key: + description: > + The unique identifier for the custom field. The key value must + exist in the case configuration settings. + type: string + type: + description: > + The custom field type. It must match the type specified in the + case configuration settings. + enum: + - text + - toggle + type: string + value: + description: > + The custom field value. If the custom field is required, it + cannot be explicitly set to null. However, for cases that + existed when the required custom field was added, the default + value stored in Elasticsearch is `undefined`. The value + returned in the API and user interface in this case is `null`. + oneOf: + - maxLength: 160 + minLength: 1 + nullable: true + type: string + - type: boolean + type: array + description: + example: A case description. + type: string + duration: + description: > + The elapsed time from the creation of the case to its closure (in + seconds). If the case has not been closed, the duration is set to + null. If the case was closed after less than half a second, the + duration is rounded down to zero. + example: 120 + nullable: true + type: integer + external_service: + $ref: '#/components/schemas/Cases_external_service' + id: + example: 66b9aa00-94fa-11ea-9f74-e7e108796192 + type: string + owner: + $ref: '#/components/schemas/Cases_owners' + settings: + $ref: '#/components/schemas/Cases_settings' + severity: + $ref: '#/components/schemas/Cases_case_severity' + status: + $ref: '#/components/schemas/Cases_case_status' + tags: + example: + - tag-1 + items: + type: string + type: array + title: + example: Case title 1 + type: string + totalAlerts: + example: 0 + type: integer + totalComment: + example: 0 + type: integer + updated_at: + format: date-time + nullable: true + type: string + updated_by: + $ref: '#/components/schemas/Cases_case_response_updated_by_properties' + version: + example: WzUzMiwxXQ== + type: string + required: + - closed_at + - closed_by + - comments + - connector + - created_at + - created_by + - description + - duration + - external_service + - id + - owner + - settings + - severity + - status + - tags + - title + - totalAlerts + - totalComment + - updated_at + - updated_by + - version + Cases_case_response_pushed_by_properties: + nullable: true + properties: + email: + example: null + nullable: true + type: string + full_name: + example: null + nullable: true + type: string + profile_uid: + example: u_J41Oh6L9ki-Vo2tOogS8WRTENzhHurGtRc87NgEAlkc_0 + type: string + username: + example: elastic + nullable: true + type: string + required: + - email + - full_name + - username + title: Case response properties for pushed_by + type: object + Cases_case_response_updated_by_properties: + nullable: true + properties: + email: + example: null + nullable: true + type: string + full_name: + example: null + nullable: true + type: string + profile_uid: + example: u_J41Oh6L9ki-Vo2tOogS8WRTENzhHurGtRc87NgEAlkc_0 + type: string + username: + example: elastic + nullable: true + type: string + required: + - email + - full_name + - username + title: Case response properties for updated_by + type: object + Cases_case_severity: + default: low + description: The severity of the case. + enum: + - critical + - high + - low + - medium + type: string + Cases_case_status: + description: The status of the case. + enum: + - closed + - in-progress + - open + type: string + Cases_case_tags: + description: > + The words and phrases that help categorize cases. It can be an empty + array. + items: + maxLength: 256 + type: string + maxItems: 200 + type: array + Cases_case_title: + description: A title for the case. + maxLength: 160 + type: string + Cases_closure_types: + description: >- + Indicates whether a case is automatically closed when it is pushed to + external systems (`close-by-pushing`) or not automatically closed + (`close-by-user`). + enum: + - close-by-pushing + - close-by-user + example: close-by-user + type: string + Cases_connector_properties_cases_webhook: + description: Defines properties for connectors when type is `.cases-webhook`. + type: object + properties: + fields: + example: null + nullable: true + type: string + id: + description: >- + The identifier for the connector. To retrieve connector IDs, use the + find connectors API. + type: string + name: + description: The name of the connector. + type: string + type: + description: The type of connector. + enum: + - .cases-webhook + example: .cases-webhook + type: string + required: + - fields + - id + - name + - type + title: Create or upate case request properties for Cases Webhook connector + Cases_connector_properties_jira: + description: Defines properties for connectors when type is `.jira`. + type: object + properties: + fields: + description: >- + An object containing the connector fields. If you want to omit any + individual field, specify null as its value. + type: object + properties: + issueType: + description: The type of issue. + nullable: true + type: string + parent: + description: The key of the parent issue, when the issue type is sub-task. + nullable: true + type: string + priority: + description: The priority of the issue. + nullable: true + type: string + required: + - issueType + - parent + - priority + id: + description: >- + The identifier for the connector. To retrieve connector IDs, use the + find connectors API. + type: string + name: + description: The name of the connector. + type: string + type: + description: The type of connector. + enum: + - .jira + example: .jira + type: string + required: + - fields + - id + - name + - type + title: Create or update case request properties for a Jira connector + Cases_connector_properties_none: + description: Defines properties for connectors when type is `.none`. + type: object + properties: + fields: + description: >- + An object containing the connector fields. To create a case without + a connector, specify null. To update a case to remove the connector, + specify null. + example: null + nullable: true + type: string + id: + description: >- + The identifier for the connector. To create a case without a + connector, use `none`. To update a case to remove the connector, + specify `none`. + example: none + type: string + name: + description: >- + The name of the connector. To create a case without a connector, use + `none`. To update a case to remove the connector, specify `none`. + example: none + type: string + type: + description: >- + The type of connector. To create a case without a connector, use + `.none`. To update a case to remove the connector, specify `.none`. + enum: + - .none + example: .none + type: string + required: + - fields + - id + - name + - type + title: Create or update case request properties for no connector + Cases_connector_properties_resilient: + description: Defines properties for connectors when type is `.resilient`. + type: object + properties: + fields: + description: >- + An object containing the connector fields. If you want to omit any + individual field, specify null as its value. + nullable: true + type: object + properties: + issueTypes: + description: The type of incident. + items: + type: string + type: array + severityCode: + description: The severity code of the incident. + type: string + required: + - issueTypes + - severityCode + id: + description: The identifier for the connector. + type: string + name: + description: The name of the connector. + type: string + type: + description: The type of connector. + enum: + - .resilient + example: .resilient + type: string + required: + - fields + - id + - name + - type + title: Create case request properties for a IBM Resilient connector + Cases_connector_properties_servicenow: + description: Defines properties for connectors when type is `.servicenow`. + type: object + properties: + fields: + description: >- + An object containing the connector fields. If you want to omit any + individual field, specify null as its value. + type: object + properties: + category: + description: The category of the incident. + nullable: true + type: string + impact: + description: The effect an incident had on business. + nullable: true + type: string + severity: + description: The severity of the incident. + nullable: true + type: string + subcategory: + description: The subcategory of the incident. + nullable: true + type: string + urgency: + description: The extent to which the incident resolution can be delayed. + nullable: true + type: string + required: + - category + - impact + - severity + - subcategory + - urgency + id: + description: >- + The identifier for the connector. To retrieve connector IDs, use the + find connectors API. + type: string + name: + description: The name of the connector. + type: string + type: + description: The type of connector. + enum: + - .servicenow + example: .servicenow + type: string + required: + - fields + - id + - name + - type + title: Create case request properties for a ServiceNow ITSM connector + Cases_connector_properties_servicenow_sir: + description: Defines properties for connectors when type is `.servicenow-sir`. + type: object + properties: + fields: + description: >- + An object containing the connector fields. If you want to omit any + individual field, specify null as its value. + type: object + properties: + category: + description: The category of the incident. + nullable: true + type: string + destIp: + description: >- + Indicates whether cases will send a comma-separated list of + destination IPs. + nullable: true + type: boolean + malwareHash: + description: >- + Indicates whether cases will send a comma-separated list of + malware hashes. + nullable: true + type: boolean + malwareUrl: + description: >- + Indicates whether cases will send a comma-separated list of + malware URLs. + nullable: true + type: boolean + priority: + description: The priority of the issue. + nullable: true + type: string + sourceIp: + description: >- + Indicates whether cases will send a comma-separated list of + source IPs. + nullable: true + type: boolean + subcategory: + description: The subcategory of the incident. + nullable: true + type: string + required: + - category + - destIp + - malwareHash + - malwareUrl + - priority + - sourceIp + - subcategory + id: + description: >- + The identifier for the connector. To retrieve connector IDs, use the + find connectors API. + type: string + name: + description: The name of the connector. + type: string + type: + description: The type of connector. + enum: + - .servicenow-sir + example: .servicenow-sir + type: string + required: + - fields + - id + - name + - type + title: Create case request properties for a ServiceNow SecOps connector + Cases_connector_properties_swimlane: + description: Defines properties for connectors when type is `.swimlane`. + type: object + properties: + fields: + description: >- + An object containing the connector fields. If you want to omit any + individual field, specify null as its value. + type: object + properties: + caseId: + description: The case identifier for Swimlane connectors. + nullable: true + type: string + required: + - caseId + id: + description: >- + The identifier for the connector. To retrieve connector IDs, use the + find connectors API. + type: string + name: + description: The name of the connector. + type: string + type: + description: The type of connector. + enum: + - .swimlane + example: .swimlane + type: string + required: + - fields + - id + - name + - type + title: Create case request properties for a Swimlane connector + Cases_connector_types: + description: The type of connector. + enum: + - .cases-webhook + - .jira + - .none + - .resilient + - .servicenow + - .servicenow-sir + - .swimlane + example: .none + type: string + Cases_create_case_request: + description: >- + The create case API request body varies depending on the type of + connector. + properties: + assignees: + $ref: '#/components/schemas/Cases_assignees' + category: + $ref: '#/components/schemas/Cases_case_category' + connector: + oneOf: + - $ref: '#/components/schemas/Cases_connector_properties_none' + - $ref: '#/components/schemas/Cases_connector_properties_cases_webhook' + - $ref: '#/components/schemas/Cases_connector_properties_jira' + - $ref: '#/components/schemas/Cases_connector_properties_resilient' + - $ref: '#/components/schemas/Cases_connector_properties_servicenow' + - $ref: '#/components/schemas/Cases_connector_properties_servicenow_sir' + - $ref: '#/components/schemas/Cases_connector_properties_swimlane' + customFields: + description: > + Custom field values for a case. Any optional custom fields that are + not specified in the request are set to null. + items: + type: object + properties: + key: + description: > + The unique identifier for the custom field. The key value must + exist in the case configuration settings. + type: string + type: + description: > + The custom field type. It must match the type specified in the + case configuration settings. + enum: + - text + - toggle + type: string + value: + description: > + The custom field value. If the custom field is required, it + cannot be explicitly set to null. However, for cases that + existed when the required custom field was added, the default + value stored in Elasticsearch is `undefined`. The value + returned in the API and user interface in this case is `null`. + oneOf: + - maxLength: 160 + minLength: 1 + nullable: true + type: string + - type: boolean + required: + - key + - type + - value + maxItems: 10 + minItems: 0 + type: array + description: + $ref: '#/components/schemas/Cases_case_description' + owner: + $ref: '#/components/schemas/Cases_owners' + settings: + $ref: '#/components/schemas/Cases_settings' + severity: + $ref: '#/components/schemas/Cases_case_severity' + tags: + $ref: '#/components/schemas/Cases_case_tags' + title: + $ref: '#/components/schemas/Cases_case_title' + required: + - connector + - description + - owner + - settings + - tags + - title + title: Create case request + type: object + Cases_external_service: + nullable: true + type: object + properties: + connector_id: + type: string + connector_name: + type: string + external_id: + type: string + external_title: + type: string + external_url: + type: string + pushed_at: + format: date-time + type: string + pushed_by: + nullable: true + type: object + properties: + email: + example: null + nullable: true + type: string + full_name: + example: null + nullable: true + type: string + profile_uid: + example: u_J41Oh6L9ki-Vo2tOogS8WRTENzhHurGtRc87NgEAlkc_0 + type: string + username: + example: elastic + nullable: true + type: string + Cases_owners: + description: > + The application that owns the cases: Stack Management, Observability, or + Elastic Security. + enum: + - cases + - observability + - securitySolution + example: cases + type: string + Cases_payload_alert_comment: + type: object + properties: + comment: + type: object + properties: + alertId: + oneOf: + - example: 1c0b056b-cc9f-4b61-b5c9-cb801abd5e1d + type: string + - items: + type: string + type: array + index: + oneOf: + - example: .alerts-observability.logs.alerts-default + type: string + - items: + type: string + type: array + owner: + $ref: '#/components/schemas/Cases_owners' + rule: + type: object + properties: + id: + description: The rule identifier. + example: 94d80550-aaf4-11ec-985f-97e55adae8b9 + type: string + name: + description: The rule name. + example: security_rule + type: string + type: + enum: + - alert + type: string + Cases_payload_assignees: + type: object + properties: + assignees: + $ref: '#/components/schemas/Cases_assignees' + Cases_payload_connector: + type: object + properties: + connector: + type: object + properties: + fields: + description: >- + An object containing the connector fields. To create a case + without a connector, specify null. If you want to omit any + individual field, specify null as its value. + example: null + nullable: true + type: object + properties: + caseId: + description: The case identifier for Swimlane connectors. + type: string + category: + description: >- + The category of the incident for ServiceNow ITSM and + ServiceNow SecOps connectors. + type: string + destIp: + description: >- + Indicates whether cases will send a comma-separated list of + destination IPs for ServiceNow SecOps connectors. + nullable: true + type: boolean + impact: + description: >- + The effect an incident had on business for ServiceNow ITSM + connectors. + type: string + issueType: + description: The type of issue for Jira connectors. + type: string + issueTypes: + description: The type of incident for IBM Resilient connectors. + items: + type: string + type: array + malwareHash: + description: >- + Indicates whether cases will send a comma-separated list of + malware hashes for ServiceNow SecOps connectors. + nullable: true + type: boolean + malwareUrl: + description: >- + Indicates whether cases will send a comma-separated list of + malware URLs for ServiceNow SecOps connectors. + nullable: true + type: boolean + parent: + description: >- + The key of the parent issue, when the issue type is sub-task + for Jira connectors. + type: string + priority: + description: >- + The priority of the issue for Jira and ServiceNow SecOps + connectors. + type: string + severity: + description: The severity of the incident for ServiceNow ITSM connectors. + type: string + severityCode: + description: >- + The severity code of the incident for IBM Resilient + connectors. + type: string + sourceIp: + description: >- + Indicates whether cases will send a comma-separated list of + source IPs for ServiceNow SecOps connectors. + nullable: true + type: boolean + subcategory: + description: >- + The subcategory of the incident for ServiceNow ITSM + connectors. + type: string + urgency: + description: >- + The extent to which the incident resolution can be delayed + for ServiceNow ITSM connectors. + type: string + id: + description: >- + The identifier for the connector. To create a case without a + connector, use `none`. + example: none + type: string + name: + description: >- + The name of the connector. To create a case without a connector, + use `none`. + example: none + type: string + type: + $ref: '#/components/schemas/Cases_connector_types' + Cases_payload_create_case: + type: object + properties: + assignees: + $ref: '#/components/schemas/Cases_assignees' + connector: + type: object + properties: + fields: + description: >- + An object containing the connector fields. To create a case + without a connector, specify null. If you want to omit any + individual field, specify null as its value. + example: null + nullable: true + type: object + properties: + caseId: + description: The case identifier for Swimlane connectors. + type: string + category: + description: >- + The category of the incident for ServiceNow ITSM and + ServiceNow SecOps connectors. + type: string + destIp: + description: >- + Indicates whether cases will send a comma-separated list of + destination IPs for ServiceNow SecOps connectors. + nullable: true + type: boolean + impact: + description: >- + The effect an incident had on business for ServiceNow ITSM + connectors. + type: string + issueType: + description: The type of issue for Jira connectors. + type: string + issueTypes: + description: The type of incident for IBM Resilient connectors. + items: + type: string + type: array + malwareHash: + description: >- + Indicates whether cases will send a comma-separated list of + malware hashes for ServiceNow SecOps connectors. + nullable: true + type: boolean + malwareUrl: + description: >- + Indicates whether cases will send a comma-separated list of + malware URLs for ServiceNow SecOps connectors. + nullable: true + type: boolean + parent: + description: >- + The key of the parent issue, when the issue type is sub-task + for Jira connectors. + type: string + priority: + description: >- + The priority of the issue for Jira and ServiceNow SecOps + connectors. + type: string + severity: + description: The severity of the incident for ServiceNow ITSM connectors. + type: string + severityCode: + description: >- + The severity code of the incident for IBM Resilient + connectors. + type: string + sourceIp: + description: >- + Indicates whether cases will send a comma-separated list of + source IPs for ServiceNow SecOps connectors. + nullable: true + type: boolean + subcategory: + description: >- + The subcategory of the incident for ServiceNow ITSM + connectors. + type: string + urgency: + description: >- + The extent to which the incident resolution can be delayed + for ServiceNow ITSM connectors. + type: string + id: + description: >- + The identifier for the connector. To create a case without a + connector, use `none`. + example: none + type: string + name: + description: >- + The name of the connector. To create a case without a connector, + use `none`. + example: none + type: string + type: + $ref: '#/components/schemas/Cases_connector_types' + description: + type: string + owner: + $ref: '#/components/schemas/Cases_owners' + settings: + $ref: '#/components/schemas/Cases_settings' + severity: + $ref: '#/components/schemas/Cases_case_severity' + status: + $ref: '#/components/schemas/Cases_case_status' + tags: + items: + example: + - tag-1 + type: string + type: array + title: + type: string + Cases_payload_delete: + description: >- + If the `action` is `delete` and the `type` is `delete_case`, the payload + is nullable. + nullable: true + type: object + Cases_payload_description: + type: object + properties: + description: + type: string + Cases_payload_pushed: + type: object + properties: + externalService: + $ref: '#/components/schemas/Cases_external_service' + Cases_payload_settings: + type: object + properties: + settings: + $ref: '#/components/schemas/Cases_settings' + Cases_payload_severity: + type: object + properties: + severity: + $ref: '#/components/schemas/Cases_case_severity' + Cases_payload_status: + type: object + properties: + status: + $ref: '#/components/schemas/Cases_case_status' + Cases_payload_tags: + type: object + properties: + tags: + example: + - tag-1 + items: + type: string + type: array + Cases_payload_title: + type: object + properties: + title: + type: string + Cases_payload_user_comment: + type: object + properties: + comment: + type: object + properties: + comment: + type: string + owner: + $ref: '#/components/schemas/Cases_owners' + type: + enum: + - user + type: string + Cases_rule: + description: > + The rule that is associated with the alerts. It is required only when + `type` is `alert`. This functionality is in technical preview and may be + changed or removed in a future release. Elastic will work to fix any + issues, but features in technical preview are not subject to the support + SLA of official GA features. + title: Alerting rule + type: object + properties: + id: + description: The rule identifier. + example: 94d80550-aaf4-11ec-985f-97e55adae8b9 + type: string + name: + description: The rule name. + example: security_rule + type: string + x-technical-preview: true + Cases_searchFieldsType: + description: The fields to perform the `simple_query_string` parsed query against. + enum: + - description + - title + type: string + Cases_set_case_configuration_request: + description: >- + External connection details, such as the closure type and default + connector for cases. + properties: + closure_type: + $ref: '#/components/schemas/Cases_closure_types' + connector: + description: An object that contains the connector configuration. + type: object + properties: + fields: + description: >- + The fields specified in the case configuration are not used and + are not propagated to individual cases, therefore it is + recommended to set it to `null`. + nullable: true + type: object + id: + description: >- + The identifier for the connector. If you do not want a default + connector, use `none`. To retrieve connector IDs, use the find + connectors API. + example: none + type: string + name: + description: >- + The name of the connector. If you do not want a default + connector, use `none`. To retrieve connector names, use the find + connectors API. + example: none + type: string + type: + $ref: '#/components/schemas/Cases_connector_types' + required: + - fields + - id + - name + - type + customFields: + description: Custom fields case configuration. + items: + type: object + properties: + defaultValue: + description: > + A default value for the custom field. If the `type` is `text`, + the default value must be a string. If the `type` is `toggle`, + the default value must be boolean. + oneOf: + - type: string + - type: boolean + key: + description: > + A unique key for the custom field. Must be lower case and + composed only of a-z, 0-9, '_', and '-' characters. It is used + in API calls to refer to a specific custom field. + maxLength: 36 + minLength: 1 + type: string + label: + description: The custom field label that is displayed in the case. + maxLength: 50 + minLength: 1 + type: string + type: + description: The type of the custom field. + enum: + - text + - toggle + type: string + required: + description: > + Indicates whether the field is required. If `false`, the + custom field can be set to null or omitted when a case is + created or updated. + type: boolean + required: + - key + - label + - required + - type + maxItems: 10 + minItems: 0 + type: array + owner: + $ref: '#/components/schemas/Cases_owners' + templates: + $ref: '#/components/schemas/Cases_templates' + required: + - closure_type + - connector + - owner + title: Set case configuration request + type: object + Cases_settings: + description: An object that contains the case settings. + type: object + properties: + syncAlerts: + description: Turns alert syncing on or off. + example: true + type: boolean + required: + - syncAlerts + Cases_template_tags: + description: > + The words and phrases that help categorize templates. It can be an empty + array. + items: + maxLength: 256 + type: string + maxItems: 200 + type: array + Cases_templates: + items: + type: object + properties: + caseFields: + type: object + properties: + assignees: + $ref: '#/components/schemas/Cases_assignees' + category: + $ref: '#/components/schemas/Cases_case_category' + connector: + type: object + properties: + fields: + description: >- + The fields specified in the case configuration are not + used and are not propagated to individual cases, therefore + it is recommended to set it to `null`. + nullable: true + type: object + id: + description: >- + The identifier for the connector. If you do not want a + default connector, use `none`. To retrieve connector IDs, + use the find connectors API. + example: none + type: string + name: + description: >- + The name of the connector. If you do not want a default + connector, use `none`. To retrieve connector names, use + the find connectors API. + example: none + type: string + type: + $ref: '#/components/schemas/Cases_connector_types' + customFields: + description: Custom field values in the template. + items: + type: object + properties: + key: + description: The unique key for the custom field. + type: string + type: + description: The type of the custom field. + enum: + - text + - toggle + type: string + value: + description: > + The default value for the custom field when a case uses + the template. If the `type` is `text`, the default value + must be a string. If the `type` is `toggle`, the default + value must be boolean. + oneOf: + - type: string + - type: boolean + type: array + x-technical-preview: true + description: + $ref: '#/components/schemas/Cases_case_description' + settings: + $ref: '#/components/schemas/Cases_settings' + severity: + $ref: '#/components/schemas/Cases_case_severity' + tags: + $ref: '#/components/schemas/Cases_case_tags' + title: + $ref: '#/components/schemas/Cases_case_title' + description: + description: A description for the template. + type: string + key: + description: > + A unique key for the template. Must be lower case and composed + only of a-z, 0-9, '_', and '-' characters. It is used in API calls + to refer to a specific template. + type: string + name: + description: The name of the template. + type: string + tags: + $ref: '#/components/schemas/Cases_template_tags' + type: array + x-technical-preview: true + Cases_update_alert_comment_request_properties: + description: Defines properties for case comment requests when type is alert. + type: object + properties: + alertId: + $ref: '#/components/schemas/Cases_alert_identifiers' + id: + description: > + The identifier for the comment. To retrieve comment IDs, use the get + comments API. + example: 8af6ac20-74f6-11ea-b83a-553aecdb28b6 + type: string + index: + $ref: '#/components/schemas/Cases_alert_indices' + owner: + $ref: '#/components/schemas/Cases_owners' + rule: + $ref: '#/components/schemas/Cases_rule' + type: + description: The type of comment. + enum: + - alert + example: alert + type: string + version: + description: > + The current comment version. To retrieve version values, use the get + comments API. + example: Wzk1LDFd + type: string + required: + - alertId + - id + - index + - owner + - rule + - type + - version + title: Update case comment request properties for alerts + Cases_update_case_comment_request: + description: >- + The update case comment API request body varies depending on whether you + are updating an alert or a comment. + discriminator: + mapping: + alert: '#/components/schemas/Cases_update_alert_comment_request_properties' + user: '#/components/schemas/Cases_update_user_comment_request_properties' + propertyName: type + oneOf: + - $ref: '#/components/schemas/Cases_update_alert_comment_request_properties' + - $ref: '#/components/schemas/Cases_update_user_comment_request_properties' + title: Update case comment request + Cases_update_case_configuration_request: + description: > + You can update settings such as the closure type, custom fields, + templates, and the default connector for cases. + properties: + closure_type: + $ref: '#/components/schemas/Cases_closure_types' + connector: + description: An object that contains the connector configuration. + type: object + properties: + fields: + description: >- + The fields specified in the case configuration are not used and + are not propagated to individual cases, therefore it is + recommended to set it to `null`. + nullable: true + type: object + id: + description: >- + The identifier for the connector. If you do not want a default + connector, use `none`. To retrieve connector IDs, use the find + connectors API. + example: none + type: string + name: + description: >- + The name of the connector. If you do not want a default + connector, use `none`. To retrieve connector names, use the find + connectors API. + example: none + type: string + type: + $ref: '#/components/schemas/Cases_connector_types' + required: + - fields + - id + - name + - type + customFields: + description: Custom fields case configuration. + items: + type: object + properties: + defaultValue: + description: > + A default value for the custom field. If the `type` is `text`, + the default value must be a string. If the `type` is `toggle`, + the default value must be boolean. + oneOf: + - type: string + - type: boolean + key: + description: > + A unique key for the custom field. Must be lower case and + composed only of a-z, 0-9, '_', and '-' characters. It is used + in API calls to refer to a specific custom field. + maxLength: 36 + minLength: 1 + type: string + label: + description: The custom field label that is displayed in the case. + maxLength: 50 + minLength: 1 + type: string + type: + description: The type of the custom field. + enum: + - text + - toggle + type: string + required: + description: > + Indicates whether the field is required. If `false`, the + custom field can be set to null or omitted when a case is + created or updated. + type: boolean + required: + - key + - label + - required + - type + type: array + templates: + $ref: '#/components/schemas/Cases_templates' + version: + description: > + The version of the connector. To retrieve the version value, use the + get configuration API. + example: WzIwMiwxXQ== + type: string + required: + - version + title: Update case configuration request + type: object + Cases_update_case_request: + description: >- + The update case API request body varies depending on the type of + connector. + properties: + cases: + description: An array containing one or more case objects. + items: + type: object + properties: + assignees: + $ref: '#/components/schemas/Cases_assignees' + category: + $ref: '#/components/schemas/Cases_case_category' + connector: + oneOf: + - $ref: '#/components/schemas/Cases_connector_properties_none' + - $ref: >- + #/components/schemas/Cases_connector_properties_cases_webhook + - $ref: '#/components/schemas/Cases_connector_properties_jira' + - $ref: '#/components/schemas/Cases_connector_properties_resilient' + - $ref: '#/components/schemas/Cases_connector_properties_servicenow' + - $ref: >- + #/components/schemas/Cases_connector_properties_servicenow_sir + - $ref: '#/components/schemas/Cases_connector_properties_swimlane' + customFields: + description: > + Custom field values for a case. Any optional custom fields + that are not specified in the request are set to null. + items: + type: object + properties: + key: + description: > + The unique identifier for the custom field. The key + value must exist in the case configuration settings. + type: string + type: + description: > + The custom field type. It must match the type specified + in the case configuration settings. + enum: + - text + - toggle + type: string + value: + description: > + The custom field value. If the custom field is required, + it cannot be explicitly set to null. However, for cases + that existed when the required custom field was added, + the default value stored in Elasticsearch is + `undefined`. The value returned in the API and user + interface in this case is `null`. + oneOf: + - maxLength: 160 + minLength: 1 + nullable: true + type: string + - type: boolean + required: + - key + - type + - value + maxItems: 10 + minItems: 0 + type: array + description: + $ref: '#/components/schemas/Cases_case_description' + id: + description: The identifier for the case. + maxLength: 30000 + type: string + settings: + $ref: '#/components/schemas/Cases_settings' + severity: + $ref: '#/components/schemas/Cases_case_severity' + status: + $ref: '#/components/schemas/Cases_case_status' + tags: + $ref: '#/components/schemas/Cases_case_tags' + title: + $ref: '#/components/schemas/Cases_case_title' + version: + description: >- + The current version of the case. To determine this value, use + the get case or find cases APIs. + type: string + required: + - id + - version + maxItems: 100 + minItems: 1 + type: array + required: + - cases + title: Update case request + type: object + Cases_update_user_comment_request_properties: + description: Defines properties for case comment requests when type is user. + properties: + comment: + description: The new comment. It is required only when `type` is `user`. + example: A new comment. + maxLength: 30000 + type: string + id: + description: > + The identifier for the comment. To retrieve comment IDs, use the get + comments API. + example: 8af6ac20-74f6-11ea-b83a-553aecdb28b6 + type: string + owner: + $ref: '#/components/schemas/Cases_owners' + type: + description: The type of comment. + enum: + - user + example: user + type: string + version: + description: > + The current comment version. To retrieve version values, use the get + comments API. + example: Wzk1LDFd + type: string + required: + - comment + - id + - owner + - type + - version + title: Update case comment request properties for user comments + type: object + Cases_user_actions_find_response_properties: + type: object + properties: + action: + $ref: '#/components/schemas/Cases_actions' + comment_id: + example: 578608d0-03b1-11ed-920c-974bfa104448 + nullable: true + type: string + created_at: + example: '2022-05-13T09:16:17.416Z' + format: date-time + type: string + created_by: + type: object + properties: + email: + example: null + nullable: true + type: string + full_name: + example: null + nullable: true + type: string + profile_uid: + example: u_J41Oh6L9ki-Vo2tOogS8WRTENzhHurGtRc87NgEAlkc_0 + type: string + username: + example: elastic + nullable: true + type: string + required: + - email + - full_name + - username + id: + example: 22fd3e30-03b1-11ed-920c-974bfa104448 + type: string + owner: + $ref: '#/components/schemas/Cases_owners' + payload: + oneOf: + - $ref: '#/components/schemas/Cases_payload_alert_comment' + - $ref: '#/components/schemas/Cases_payload_assignees' + - $ref: '#/components/schemas/Cases_payload_connector' + - $ref: '#/components/schemas/Cases_payload_create_case' + - $ref: '#/components/schemas/Cases_payload_delete' + - $ref: '#/components/schemas/Cases_payload_description' + - $ref: '#/components/schemas/Cases_payload_pushed' + - $ref: '#/components/schemas/Cases_payload_settings' + - $ref: '#/components/schemas/Cases_payload_severity' + - $ref: '#/components/schemas/Cases_payload_status' + - $ref: '#/components/schemas/Cases_payload_tags' + - $ref: '#/components/schemas/Cases_payload_title' + - $ref: '#/components/schemas/Cases_payload_user_comment' + type: + description: The type of action. + enum: + - assignees + - create_case + - comment + - connector + - description + - pushed + - tags + - title + - status + - settings + - severity + example: create_case + type: string + version: + example: WzM1ODg4LDFd + type: string + required: + - action + - comment_id + - created_at + - created_by + - id + - owner + - payload + - type + - version + Cases_user_actions_response_properties: + type: object + properties: + action: + $ref: '#/components/schemas/Cases_actions' + action_id: + example: 22fd3e30-03b1-11ed-920c-974bfa104448 + type: string + case_id: + example: 22df07d0-03b1-11ed-920c-974bfa104448 + type: string + comment_id: + example: 578608d0-03b1-11ed-920c-974bfa104448 + nullable: true + type: string + created_at: + example: '2022-05-13T09:16:17.416Z' + format: date-time + type: string + created_by: + type: object + properties: + email: + example: null + nullable: true + type: string + full_name: + example: null + nullable: true + type: string + profile_uid: + example: u_J41Oh6L9ki-Vo2tOogS8WRTENzhHurGtRc87NgEAlkc_0 + type: string + username: + example: elastic + nullable: true + type: string + required: + - email + - full_name + - username + owner: + $ref: '#/components/schemas/Cases_owners' + payload: + oneOf: + - $ref: '#/components/schemas/Cases_payload_alert_comment' + - $ref: '#/components/schemas/Cases_payload_assignees' + - $ref: '#/components/schemas/Cases_payload_connector' + - $ref: '#/components/schemas/Cases_payload_create_case' + - $ref: '#/components/schemas/Cases_payload_delete' + - $ref: '#/components/schemas/Cases_payload_description' + - $ref: '#/components/schemas/Cases_payload_pushed' + - $ref: '#/components/schemas/Cases_payload_settings' + - $ref: '#/components/schemas/Cases_payload_severity' + - $ref: '#/components/schemas/Cases_payload_status' + - $ref: '#/components/schemas/Cases_payload_tags' + - $ref: '#/components/schemas/Cases_payload_title' + - $ref: '#/components/schemas/Cases_payload_user_comment' + type: + $ref: '#/components/schemas/Cases_action_types' + required: + - action + - action_id + - case_id + - comment_id + - created_at + - created_by + - owner + - payload + - type + Cases_user_comment_response_properties: + title: Case response properties for user comments + type: object + properties: + comment: + example: A new comment. + type: string + created_at: + example: '2022-05-13T09:16:17.416Z' + format: date-time + type: string + created_by: + $ref: '#/components/schemas/Cases_case_response_created_by_properties' + id: + example: 8af6ac20-74f6-11ea-b83a-553aecdb28b6 + type: string + owner: + $ref: '#/components/schemas/Cases_owners' + pushed_at: + example: null + format: date-time + nullable: true + type: string + pushed_by: + $ref: '#/components/schemas/Cases_case_response_pushed_by_properties' + type: + enum: + - user + example: user + type: string + updated_at: + example: null + format: date-time + nullable: true + type: string + updated_by: + $ref: '#/components/schemas/Cases_case_response_updated_by_properties' + version: + example: WzIwNDMxLDFd + type: string + required: + - type + Data_views_400_response: + title: Bad request + type: object + properties: + error: + example: Bad Request + type: string + message: + type: string + statusCode: + example: 400 + type: number + required: + - statusCode + - error + - message + Data_views_404_response: + type: object + properties: + error: + enum: + - Not Found + example: Not Found + type: string + message: + example: >- + Saved object [index-pattern/caaad6d0-920c-11ed-b36a-874bd1548a00] + not found + type: string + statusCode: + enum: + - 404 + example: 404 + type: integer + Data_views_allownoindex: + description: Allows the data view saved object to exist before the data is available. + type: boolean + Data_views_create_data_view_request_object: + title: Create data view request + type: object + properties: + data_view: + description: The data view object. + type: object + properties: + allowNoIndex: + $ref: '#/components/schemas/Data_views_allownoindex' + fieldAttrs: + additionalProperties: + $ref: '#/components/schemas/Data_views_fieldattrs' + type: object + fieldFormats: + $ref: '#/components/schemas/Data_views_fieldformats' + fields: + type: object + id: + type: string + name: + description: The data view name. + type: string + namespaces: + $ref: '#/components/schemas/Data_views_namespaces' + runtimeFieldMap: + additionalProperties: + $ref: '#/components/schemas/Data_views_runtimefieldmap' + type: object + sourceFilters: + $ref: '#/components/schemas/Data_views_sourcefilters' + timeFieldName: + $ref: '#/components/schemas/Data_views_timefieldname' + title: + $ref: '#/components/schemas/Data_views_title' + type: + $ref: '#/components/schemas/Data_views_type' + typeMeta: + $ref: '#/components/schemas/Data_views_typemeta' + version: + type: string + required: + - title + override: + default: false + description: >- + Override an existing data view if a data view with the provided + title already exists. + type: boolean + required: + - data_view + Data_views_data_view_response_object: + title: Data view response properties + type: object + properties: + data_view: + type: object + properties: + allowNoIndex: + $ref: '#/components/schemas/Data_views_allownoindex' + fieldAttrs: + additionalProperties: + $ref: '#/components/schemas/Data_views_fieldattrs' + type: object + fieldFormats: + $ref: '#/components/schemas/Data_views_fieldformats' + fields: + type: object + id: + example: ff959d40-b880-11e8-a6d9-e546fe2bba5f + type: string + name: + description: The data view name. + type: string + namespaces: + $ref: '#/components/schemas/Data_views_namespaces' + runtimeFieldMap: + additionalProperties: + $ref: '#/components/schemas/Data_views_runtimefieldmap' + type: object + sourceFilters: + $ref: '#/components/schemas/Data_views_sourcefilters' + timeFieldName: + $ref: '#/components/schemas/Data_views_timefieldname' + title: + $ref: '#/components/schemas/Data_views_title' + typeMeta: + $ref: '#/components/schemas/Data_views_typemeta_response' + version: + example: WzQ2LDJd + type: string + Data_views_fieldattrs: + description: A map of field attributes by field name. + type: object + properties: + count: + description: Popularity count for the field. + type: integer + customDescription: + description: Custom description for the field. + maxLength: 300 + type: string + customLabel: + description: Custom label for the field. + type: string + Data_views_fieldformats: + description: A map of field formats by field name. + type: object + Data_views_namespaces: + description: >- + An array of space identifiers for sharing the data view between multiple + spaces. + items: + default: default + type: string + type: array + Data_views_runtimefieldmap: + description: A map of runtime field definitions by field name. + type: object + properties: + script: + type: object + properties: + source: + description: Script for the runtime field. + type: string + type: + description: Mapping type of the runtime field. + type: string + required: + - script + - type + Data_views_sourcefilters: + description: The array of field names you want to filter out in Discover. + items: + type: object + properties: + value: + type: string + required: + - value + type: array + Data_views_swap_data_view_request_object: + title: Data view reference swap request + type: object + properties: + delete: + description: Deletes referenced saved object if all references are removed. + type: boolean + forId: + description: Limit the affected saved objects to one or more by identifier. + oneOf: + - type: string + - items: + type: string + type: array + forType: + description: Limit the affected saved objects by type. + type: string + fromId: + description: The saved object reference to change. + type: string + fromType: + description: > + Specify the type of the saved object reference to alter. The default + value is `index-pattern` for data views. + type: string + toId: + description: New saved object reference value to replace the old value. + type: string + required: + - fromId + - toId + Data_views_timefieldname: + description: The timestamp field name, which you use for time-based data views. + type: string + Data_views_title: + description: >- + Comma-separated list of data streams, indices, and aliases that you want + to search. Supports wildcards (`*`). + type: string + Data_views_type: + description: When set to `rollup`, identifies the rollup data views. + type: string + Data_views_typemeta: + description: >- + When you use rollup indices, contains the field list for the rollup data + view API endpoints. + type: object + properties: + aggs: + description: A map of rollup restrictions by aggregation type and field name. + type: object + params: + description: Properties for retrieving rollup fields. + type: object + required: + - aggs + - params + Data_views_typemeta_response: + description: >- + When you use rollup indices, contains the field list for the rollup data + view API endpoints. + nullable: true + type: object + properties: + aggs: + description: A map of rollup restrictions by aggregation type and field name. + type: object + params: + description: Properties for retrieving rollup fields. + type: object + Data_views_update_data_view_request_object: + title: Update data view request + type: object + properties: + data_view: + description: > + The data view properties you want to update. Only the specified + properties are updated in the data view. Unspecified fields stay as + they are persisted. + type: object + properties: + allowNoIndex: + $ref: '#/components/schemas/Data_views_allownoindex' + fieldFormats: + $ref: '#/components/schemas/Data_views_fieldformats' + fields: + type: object + name: + type: string + runtimeFieldMap: + additionalProperties: + $ref: '#/components/schemas/Data_views_runtimefieldmap' + type: object + sourceFilters: + $ref: '#/components/schemas/Data_views_sourcefilters' + timeFieldName: + $ref: '#/components/schemas/Data_views_timefieldname' + title: + $ref: '#/components/schemas/Data_views_title' + type: + $ref: '#/components/schemas/Data_views_type' + typeMeta: + $ref: '#/components/schemas/Data_views_typemeta' + refresh_fields: + default: false + description: Reloads the data view fields after the data view is updated. + type: boolean + required: + - data_view + Fleet_agent: + title: Agent + type: object + properties: + access_api_key: + type: string + access_api_key_id: + type: string + active: + type: boolean + components: + items: + $ref: '#/components/schemas/Fleet_agent_component' + type: array + default_api_key: + type: string + default_api_key_id: + type: string + enrolled_at: + type: string + id: + type: string + last_checkin: + type: string + local_metadata: + $ref: '#/components/schemas/Fleet_agent_metadata' + metrics: + type: object + properties: + cpu_avg: + description: >- + Average agent CPU usage during the last 5 minutes, number + between 0-1 + type: number + memory_size_byte_avg: + description: Average agent memory consumption during the last 5 minutes + type: number + policy_id: + type: string + policy_revision: + type: number + status: + $ref: '#/components/schemas/Fleet_agent_status' + type: + $ref: '#/components/schemas/Fleet_agent_type' + unenrolled_at: + type: string + unenrollment_started_at: + type: string + user_provided_metadata: + $ref: '#/components/schemas/Fleet_agent_metadata' + required: + - type + - active + - enrolled_at + - id + - status + Fleet_agent_action: + oneOf: + - properties: + ack_data: + type: string + data: + type: string + type: + enum: + - UNENROLL + - UPGRADE + - POLICY_REASSIGN + type: string + - properties: + data: + type: object + properties: + log_level: + enum: + - debug + - info + - warning + - error + nullable: true + type: string + type: + type: string + title: Agent action + Fleet_agent_component: + title: Agent component + type: object + properties: + id: + type: string + message: + type: string + status: + $ref: '#/components/schemas/Fleet_agent_component_status' + type: + type: string + units: + items: + $ref: '#/components/schemas/Fleet_agent_component_unit' + type: array + Fleet_agent_component_status: + enum: + - starting + - configuring + - healthy + - degraded + - failed + - stopping + - stopped + title: Agent component status + type: string + Fleet_agent_component_unit: + title: Agent component unit + type: object + properties: + id: + type: string + message: + type: string + payload: + type: object + status: + $ref: '#/components/schemas/Fleet_agent_component_status' + type: + $ref: '#/components/schemas/Fleet_agent_component_unit_type' + Fleet_agent_component_unit_type: + enum: + - input + - output + title: Agent component unit type + type: string + Fleet_agent_diagnostics: + title: Agent diagnostics + type: object + properties: + actionId: + type: string + createTime: + type: string + filePath: + type: string + id: + type: string + name: + type: string + status: + enum: + - READY + - AWAITING_UPLOAD + - DELETED + - IN_PROGRESS + required: + - id + - name + - createTime + - filePath + - actionId + - status + Fleet_agent_get_by_actions: + items: + items: + type: string + type: array + title: Agents get by action ids + type: array + Fleet_agent_metadata: + title: Agent metadata + type: object + Fleet_agent_policy: + title: Agent Policy + type: object + properties: + advanced_settings: + description: >- + Advanced settings stored in the agent policy, e.g. + agent_limits_go_max_procs + nullable: true + type: object + agent_features: + items: + type: object + properties: + enabled: + type: boolean + name: + type: string + required: + - name + - enabled + type: array + agents: + type: number + data_output_id: + nullable: true + type: string + description: + type: string + download_source_id: + nullable: true + type: string + fleet_server_host_id: + nullable: true + type: string + global_data_tags: + items: + additionalProperties: + oneOf: + - type: string + - type: number + description: >- + User defined data tags that are added to all of the inputs. The + values can be strings or numbers. + type: object + type: array + id: + type: string + inactivity_timeout: + type: integer + is_protected: + description: >- + Indicates whether the agent policy has tamper protection enabled. + Default false. + type: boolean + keep_monitoring_alive: + description: >- + When set to true, monitoring will be enabled but logs/metrics + collection will be disabled + nullable: true + type: boolean + monitoring_diagnostics: + type: object + properties: + limit: + type: object + properties: + burst: + type: number + interval: + type: string + uploader: + type: object + properties: + init_dur: + type: string + max_dur: + type: string + max_retries: + type: number + monitoring_enabled: + items: + enum: + - metrics + - logs + type: string + type: array + monitoring_http: + type: object + properties: + enabled: + type: boolean + host: + type: string + port: + type: number + required: + - enabled + monitoring_output_id: + nullable: true + type: string + monitoring_pprof_enabled: + type: boolean + name: + type: string + namespace: + type: string + overrides: + description: >- + Override settings that are defined in the agent policy. Input + settings cannot be overridden. The override option should be used + only in unusual circumstances and not as a routine procedure. + nullable: true + type: object + package_policies: + description: >- + This field is present only when retrieving a single agent policy, or + when retrieving a list of agent policies with the ?full=true + parameter + items: + $ref: '#/components/schemas/Fleet_package_policy' + type: array + revision: + type: number + supports_agentless: + description: >- + Indicates whether the agent policy supports agentless integrations. + Only allowed in a serverless environment. + type: boolean + unenroll_timeout: + type: integer + unprivileged_agents: + type: number + updated_by: + type: string + updated_on: + format: date-time + type: string + required: + - id + - status + - name + - namespace + Fleet_agent_policy_create_request: + title: Create agent policy request + type: object + properties: + agent_features: + items: + type: object + properties: + enabled: + type: boolean + name: + type: string + required: + - name + - enabled + type: array + data_output_id: + nullable: true + type: string + description: + type: string + download_source_id: + nullable: true + type: string + fleet_server_host_id: + nullable: true + type: string + force: + description: Force agent policy creation even if packages are not verified. + type: boolean + global_data_tags: + items: + additionalProperties: + oneOf: + - type: string + - type: number + description: >- + User defined data tags that are added to all of the inputs. The + values can be strings or numbers. + type: object + type: array + id: + type: string + inactivity_timeout: + type: integer + is_protected: + type: boolean + monitoring_enabled: + items: + enum: + - metrics + - logs + type: string + type: array + monitoring_output_id: + nullable: true + type: string + name: + type: string + namespace: + type: string + unenroll_timeout: + type: integer + required: + - name + - namespace + Fleet_agent_policy_full: + oneOf: + - type: object + properties: + item: + type: string + - type: object + properties: + item: + $ref: '#/components/schemas/Fleet_full_agent_policy' + title: Agent policy full response + type: object + Fleet_agent_policy_update_request: + title: Update agent policy request + type: object + properties: + agent_features: + items: + type: object + properties: + enabled: + type: boolean + name: + type: string + required: + - name + - enabled + type: array + data_output_id: + nullable: true + type: string + description: + type: string + download_source_id: + nullable: true + type: string + fleet_server_host_id: + nullable: true + type: string + force: + description: Force agent policy creation even if packages are not verified. + type: boolean + inactivity_timeout: + type: integer + is_protected: + type: boolean + monitoring_enabled: + items: + enum: + - metrics + - logs + type: string + type: array + monitoring_output_id: + nullable: true + type: string + name: + type: string + namespace: + type: string + unenroll_timeout: + type: integer + required: + - name + - namespace + Fleet_agent_status: + enum: + - offline + - error + - online + - inactive + - warning + title: Elastic Agent status + type: string + Fleet_agent_type: + enum: + - PERMANENT + - EPHEMERAL + - TEMPORARY + title: Agent type + type: string + Fleet_bulk_install_packages_response: + title: Bulk install packages response + type: object + properties: + items: + items: + type: object + properties: + name: + type: string + version: + type: string + type: array + response: + deprecated: true + items: + type: object + properties: + name: + type: string + version: + type: string + type: array + required: + - items + Fleet_bulk_upgrade_agents: + title: Bulk upgrade agents + type: object + properties: + agents: + oneOf: + - description: KQL query string, leave empty to action all agents + type: string + - description: list of agent IDs + items: + type: string + type: array + force: + description: Force upgrade, skipping validation (should be used with caution) + type: boolean + rollout_duration_seconds: + description: rolling upgrade window duration in seconds + type: number + skipRateLimitCheck: + description: Skip rate limit check for upgrade + type: boolean + source_uri: + description: alternative upgrade binary download url + type: string + start_time: + description: start time of upgrade in ISO 8601 format + type: string + version: + description: version to upgrade to + type: string + required: + - agents + - version + Fleet_data_stream: + title: Data stream + type: object + properties: + dashboard: + items: + type: object + properties: + id: + type: string + title: + type: string + type: array + dataset: + type: string + index: + type: string + last_activity_ms: + type: number + namespace: + type: string + package: + type: string + package_version: + type: string + size_in_bytes: + type: number + size_in_bytes_formatted: + type: string + type: + type: string + Fleet_download_sources: + title: Download Source + type: object + properties: + host: + type: string + id: + type: string + is_default: + type: boolean + name: + type: string + proxy_id: + description: >- + The ID of the proxy to use for this download source. See the proxies + API for more information. + nullable: true + type: string + required: + - is_default + - name + - host + Fleet_elasticsearch_asset_type: + enum: + - component_template + - ingest_pipeline + - index_template + - ilm_policy + - transform + - data_stream_ilm_policy + title: Elasticsearch asset type + type: string + Fleet_enrollment_api_key: + title: Enrollment API key + type: object + properties: + active: + description: >- + When false, the enrollment API key is revoked and cannot be used for + enrolling Elastic Agents. + type: boolean + api_key: + description: The enrollment API key (token) used for enrolling Elastic Agents. + type: string + api_key_id: + description: The ID of the API key in the Security API. + type: string + created_at: + type: string + id: + type: string + name: + description: The name of the enrollment API key. + type: string + policy_id: + description: The ID of the agent policy the Elastic Agent will be enrolled in. + type: string + required: + - id + - api_key_id + - api_key + - active + - created_at + Fleet_fleet_server_host: + title: Fleet Server Host + type: object + properties: + host_urls: + items: + type: string + type: array + id: + type: string + is_default: + type: boolean + is_internal: + type: boolean + is_preconfigured: + type: boolean + name: + type: string + proxy_id: + type: string + required: + - fleet_server_hosts + - id + - is_default + - is_preconfigured + - host_urls + Fleet_fleet_settings_response: + title: Fleet settings response + type: object + properties: + item: + $ref: '#/components/schemas/Fleet_settings' + required: + - item + Fleet_fleet_setup_response: + title: Fleet Setup response + type: object + properties: + isInitialized: + type: boolean + nonFatalErrors: + items: + type: object + properties: + message: + type: string + name: + type: string + required: + - name + - message + type: array + required: + - isInitialized + - nonFatalErrors + Fleet_fleet_status_response: + title: Fleet status response + type: object + properties: + isReady: + type: boolean + missing_optional_features: + items: + enum: + - encrypted_saved_object_encryption_key_required + type: string + type: array + missing_requirements: + items: + enum: + - tls_required + - api_keys + - fleet_admin_user + - fleet_server + type: string + type: array + package_verification_key_id: + type: string + required: + - isReady + - missing_requirements + - missing_optional_features + Fleet_full_agent_policy: + title: Full agent policy + type: object + properties: + agent: + nullable: true + type: string + fleet: + oneOf: + - type: object + properties: + hosts: + items: + type: string + type: array + proxy_headers: {} + proxy_url: + type: string + ssl: + type: object + properties: + certificate: + type: string + certificate_authorities: + items: + type: string + type: array + key: + type: string + renegotiation: + type: string + verification_mode: + type: string + - type: object + properties: + kibana: + type: object + properties: + hosts: + items: + type: string + type: array + path: + type: string + protocol: + type: string + id: + type: string + inputs: + type: string + monitoring: + type: object + properties: + diagnostics: + type: object + properties: + limit: + type: object + properties: + burst: + type: number + interval: + type: string + uploader: + type: object + properties: + init_dur: + type: string + max_dur: + type: string + max_retries: + type: number + enabled: + type: boolean + http: + type: object + properties: + enabled: + type: boolean + host: + type: string + port: + type: number + required: + - enabled + logs: + type: boolean + metrics: + type: boolean + namespace: + type: string + pprof: + type: object + properties: + enabled: + type: boolean + required: + - enabled + traces: + type: boolean + use_output: + type: string + required: + - enabled + - metrics + - logs + - traces + output_permissions: + additionalProperties: + type: object + properties: + data: + $ref: >- + #/components/schemas/Fleet_full_agent_policy_output_permissions + output: + type: integer + type: object + outputs: + additionalProperties: + $ref: '#/components/schemas/Fleet_full_agent_policy_output' + type: object + revision: + type: number + secret_references: + items: + type: object + properties: + id: + type: string + type: array + required: + - id + - outputs + - inputs + Fleet_full_agent_policy_input: + allOf: + - additionalProperties: true + type: object + properties: + data_stream: + type: object + properties: + namespace: + type: string + required: + - namespace + id: + type: string + meta: + additionalProperties: true + type: object + properties: + package: + type: object + properties: + name: + type: string + version: + type: string + required: + - name + - version + name: + type: string + revision: + type: number + streams: + $ref: '#/components/schemas/Fleet_full_agent_policy_input_stream' + type: + type: string + use_output: + type: string + required: + - id + - name + - revision + - type + - data_stream + - use_output + title: Full agent policy input + Fleet_full_agent_policy_input_stream: + allOf: + - additionalProperties: true + type: object + properties: + data_stream: + type: object + properties: + dataset: + type: string + type: + type: string + required: + - dataset + - type + id: + type: string + required: + - id + - data_stream + title: Full agent policy input stream + Fleet_full_agent_policy_output: + title: Full agent policy + type: object + properties: + additionalProperties: + type: object + properties: + text: {} + ca_sha256: + nullable: true + type: string + hosts: + items: + type: string + type: array + proxy_headers: {} + proxy_url: + type: string + type: {} + required: + - type + - hosts + - ca_sha256 + Fleet_full_agent_policy_output_permissions: + additionalProperties: + type: object + properties: + data: + type: object + properties: + cluster: + items: + type: string + type: array + indices: + items: + type: object + properties: + names: + items: + type: string + type: array + privileges: + items: + type: string + type: array + type: array + packagePolicyName: + type: string + title: Full agent policy output permissions + Fleet_get_agent_tags_response: + title: Get Agent Tags response + type: object + properties: + items: + items: + type: string + type: array + Fleet_get_agents_response: + title: Get Agent response + type: object + properties: + items: + items: + $ref: '#/components/schemas/Fleet_agent' + type: array + list: + deprecated: true + items: + $ref: '#/components/schemas/Fleet_agent' + type: array + page: + type: number + perPage: + type: number + statusSummary: + type: object + properties: + degraded': + type: number + enrolling: + type: number + error: + type: number + inactive: + type: number + offline: + type: number + online: + type: number + unenrolled: + type: number + unenrolling: + type: number + updating: + type: number + total: + type: number + required: + - items + - total + - page + - perPage + Fleet_get_bulk_assets_response: + deprecated: true + properties: + items: + items: + type: object + properties: + appLink: + type: string + attributes: + type: object + properties: + description: + type: string + title: + type: string + id: + type: string + type: + $ref: '#/components/schemas/Fleet_saved_object_type' + updatedAt: + type: string + type: array + required: + - items + title: Bulk get assets response + type: object + Fleet_get_categories_response: + title: Get categories response + type: object + properties: + items: + items: + type: object + properties: + count: + type: number + id: + type: string + title: + type: string + required: + - id + - title + - count + type: array + response: + items: + deprecated: true + type: object + properties: + count: + type: number + id: + type: string + title: + type: string + required: + - id + - title + - count + type: array + required: + - items + Fleet_get_packages_response: + title: Get Packages response + type: object + properties: + items: + items: + $ref: '#/components/schemas/Fleet_search_result' + type: array + response: + deprecated: true + items: + $ref: '#/components/schemas/Fleet_search_result' + type: array + required: + - items + Fleet_installation_info: + title: Installation info object + type: object + properties: + created_at: + type: string + experimental_data_stream_features: + type: array + properties: + data_stream: + type: string + features: + type: object + properties: + doc_value_only_numeric: + nullable: true + type: boolean + doc_value_only_other: + nullable: true + type: boolean + synthetic_source: + nullable: true + type: boolean + tsdb: + nullable: true + type: boolean + install_format_schema_version: + type: string + install_kibana_space_id: + type: string + install_source: + enum: + - registry + - upload + - bundled + type: string + install_status: + enum: + - installed + - installing + - install_failed + type: string + installed_es: + type: object + properties: + deferred: + type: boolean + id: + type: string + type: + $ref: '#/components/schemas/Fleet_elasticsearch_asset_type' + installed_kibana: + type: object + properties: + id: + type: string + type: + $ref: '#/components/schemas/Fleet_kibana_saved_object_type' + latest_executed_state: + description: Latest successfully executed state in package install state machine + type: object + properties: + error: + type: string + name: + enum: + - create_restart_installation + - install_kibana_assets + - install_ilm_policies + - install_ml_model + - install_index_template_pipelines + - remove_legacy_templates + - update_current_write_indices + - install_transforms + - delete_previous_pipelines + - save_archive_entries_from_assets_map + - update_so + type: string + started_at: + type: string + latest_install_failed_attempts: + description: Latest failed install errors + items: + type: object + properties: + created_at: + type: string + error: + type: object + properties: + message: + type: string + name: + type: string + stack: + type: string + target_version: + type: string + type: array + name: + type: string + namespaces: + items: + type: string + type: array + type: + type: string + updated_at: + type: string + verification_key_id: + nullable: true + type: string + verification_status: + enum: + - verified + - unverified + - unknown + type: string + version: + type: string + required: + - installed_kibana + - installed_es + - name + - version + - install_status + - install_version + - install_started_at + - install_source + - verification_status + - latest_install_failed_attempts + Fleet_kibana_saved_object_type: + enum: + - dashboard + - visualization + - search + - index-pattern + - map + - lens + - ml-module + - security-rule + - csp_rule_template + title: Kibana saved object asset type + type: string + Fleet_new_package_policy: + description: '' + properties: + description: + type: string + enabled: + type: boolean + inputs: + items: + type: object + properties: + config: + type: object + enabled: + type: boolean + processors: + items: + type: string + type: array + streams: + items: {} + type: array + type: + type: string + vars: + type: object + required: + - type + - enabled + type: array + name: + type: string + namespace: + type: string + output_id: + type: string + overrides: + type: object + package: + type: object + properties: + name: + type: string + requires_root: + type: boolean + title: + type: string + version: + type: string + required: + - name + - version + policy_id: + deprecated: true + nullable: true + type: string + policy_ids: + items: + type: string + type: array + required: + - inputs + - name + title: New package policy + type: object + Fleet_output_create_request: + discriminator: + mapping: + elasticsearch: '#/components/schemas/Fleet_output_create_request_elasticsearch' + kafka: '#/components/schemas/Fleet_output_create_request_kafka' + logstash: '#/components/schemas/Fleet_output_create_request_logstash' + remote_elasticsearch: >- + #/components/schemas/Fleet_output_create_request_remote_elasticsearch + propertyName: type + oneOf: + - $ref: '#/components/schemas/Fleet_output_create_request_elasticsearch' + - $ref: '#/components/schemas/Fleet_output_create_request_kafka' + - $ref: '#/components/schemas/Fleet_output_create_request_logstash' + - $ref: >- + #/components/schemas/Fleet_output_create_request_remote_elasticsearch + title: Output + Fleet_output_create_request_elasticsearch: + title: elasticsearch + type: object + properties: + ca_sha256: + type: string + ca_trusted_fingerprint: + type: string + config: + type: object + config_yaml: + type: string + hosts: + items: + type: string + type: array + id: + type: string + is_default: + type: boolean + is_default_monitoring: + type: boolean + is_internal: + type: boolean + name: + type: string + preset: + enum: + - balanced + - custom + - throughput + - scale + - latency + type: string + proxy_id: + type: string + shipper: + type: object + properties: + compression_level: + type: number + disk_queue_compression_enabled: + type: boolean + disk_queue_enabled: + type: boolean + disk_queue_encryption_enabled: + type: boolean + disk_queue_max_size: + type: number + disk_queue_path: + type: string + loadbalance: + type: boolean + ssl: + type: object + properties: + certificate: + type: string + certificate_authorities: + items: + type: string + type: array + key: + type: string + type: + enum: + - elasticsearch + type: string + required: + - name + Fleet_output_create_request_kafka: + title: kafka + type: object + properties: + auth_type: + type: string + broker_timeout: + type: number + ca_sha256: + type: string + ca_trusted_fingerprint: + type: string + client_id: + type: string + compression: + type: string + compression_level: + type: number + config: + type: object + config_yaml: + type: string + connection_type: + enum: + - plaintext + - encryption + type: string + headers: + items: + type: object + properties: + key: + type: string + value: + type: string + type: array + hosts: + items: + type: string + type: array + id: + type: string + is_default: + type: boolean + is_default_monitoring: + type: boolean + is_internal: + type: boolean + key: + type: string + name: + type: string + partition: + type: string + password: + type: string + proxy_id: + type: string + random: + type: object + properties: + group_events: + type: number + required_acks: + type: number + round_robin: + type: object + properties: + group_events: + type: number + sasl: + type: object + properties: + mechanism: + type: string + secrets: + type: object + properties: + password: + type: string + ssl: + type: object + properties: + key: + type: string + shipper: + type: object + properties: + compression_level: + type: number + disk_queue_compression_enabled: + type: boolean + disk_queue_enabled: + type: boolean + disk_queue_encryption_enabled: + type: boolean + disk_queue_max_size: + type: number + disk_queue_path: + type: string + loadbalance: + type: boolean + ssl: + type: object + properties: + certificate: + type: string + certificate_authorities: + items: + type: string + type: array + key: + type: string + verification_mode: + enum: + - none + - full + - certificate + - strict + type: string + timeout: + type: number + topic: + type: string + topics: + deprecated: true + description: Use topic instead. + items: + type: object + properties: + topic: + type: string + when: + deprecated: true + description: >- + Deprecated, kafka output do not support conditionnal topics + anymore. + type: object + properties: + condition: + type: string + type: + type: string + type: array + type: + enum: + - kafka + type: string + username: + type: string + version: + type: string + required: + - name + - type + - topics + - auth_type + - hosts + Fleet_output_create_request_logstash: + title: logstash + type: object + properties: + ca_sha256: + type: string + ca_trusted_fingerprint: + type: string + config: + type: object + config_yaml: + type: string + hosts: + items: + type: string + type: array + id: + type: string + is_default: + type: boolean + is_default_monitoring: + type: boolean + is_internal: + type: boolean + name: + type: string + proxy_id: + type: string + secrets: + type: object + properties: + ssl: + type: object + properties: + key: + type: string + shipper: + type: object + properties: + compression_level: + type: number + disk_queue_compression_enabled: + type: boolean + disk_queue_enabled: + type: boolean + disk_queue_encryption_enabled: + type: boolean + disk_queue_max_size: + type: number + disk_queue_path: + type: string + loadbalance: + type: boolean + ssl: + type: object + properties: + certificate: + type: string + certificate_authorities: + items: + type: string + type: array + key: + type: string + type: + enum: + - logstash + type: string + required: + - name + - hosts + - type + Fleet_output_create_request_remote_elasticsearch: + title: remote_elasticsearch + type: object + properties: + hosts: + items: + type: string + type: array + id: + type: string + is_default: + type: boolean + is_default_monitoring: + type: boolean + is_internal: + type: boolean + name: + type: string + secrets: + type: object + properties: + service_token: + type: string + service_token: + type: string + type: + enum: + - remote_elasticsearch + type: string + required: + - name + Fleet_output_update_request: + discriminator: + mapping: + elasticsearch: '#/components/schemas/Fleet_output_update_request_elasticsearch' + kafka: '#/components/schemas/Fleet_output_update_request_kafka' + logstash: '#/components/schemas/Fleet_output_update_request_logstash' + propertyName: type + oneOf: + - $ref: '#/components/schemas/Fleet_output_update_request_elasticsearch' + - $ref: '#/components/schemas/Fleet_output_update_request_kafka' + - $ref: '#/components/schemas/Fleet_output_update_request_logstash' + title: Output + Fleet_output_update_request_elasticsearch: + title: elasticsearch + type: object + properties: + ca_sha256: + type: string + ca_trusted_fingerprint: + type: string + config: + type: object + config_yaml: + type: string + hosts: + items: + type: string + type: array + id: + type: string + is_default: + type: boolean + is_default_monitoring: + type: boolean + is_internal: + type: boolean + name: + type: string + preset: + enum: + - balanced + - custom + - throughput + - scale + - latency + type: string + proxy_id: + type: string + shipper: + type: object + properties: + compression_level: + type: number + disk_queue_compression_enabled: + type: boolean + disk_queue_enabled: + type: boolean + disk_queue_encryption_enabled: + type: boolean + disk_queue_max_size: + type: number + disk_queue_path: + type: string + loadbalance: + type: boolean + ssl: + type: object + properties: + certificate: + type: string + certificate_authorities: + items: + type: string + type: array + key: + type: string + type: + enum: + - elasticsearch + type: string + required: + - name + - hosts + - type + Fleet_output_update_request_kafka: + title: kafka + type: object + properties: + auth_type: + type: string + broker_timeout: + type: number + ca_sha256: + type: string + ca_trusted_fingerprint: + type: string + client_id: + type: string + compression: + type: string + compression_level: + type: number + config: + type: object + config_yaml: + type: string + connection_type: + enum: + - plaintext + - encryption + type: string + headers: + items: + type: object + properties: + key: + type: string + value: + type: string + type: array + hosts: + items: + type: string + type: array + id: + type: string + is_default: + type: boolean + is_default_monitoring: + type: boolean + is_internal: + type: boolean + key: + type: string + name: + type: string + partition: + type: string + password: + type: string + proxy_id: + type: string + random: + type: object + properties: + group_events: + type: number + required_acks: + type: number + round_robin: + type: object + properties: + group_events: + type: number + sasl: + type: object + properties: + mechanism: + type: string + shipper: + type: object + properties: + compression_level: + type: number + disk_queue_compression_enabled: + type: boolean + disk_queue_enabled: + type: boolean + disk_queue_encryption_enabled: + type: boolean + disk_queue_max_size: + type: number + disk_queue_path: + type: string + loadbalance: + type: boolean + ssl: + type: object + properties: + certificate: + type: string + certificate_authorities: + items: + type: string + type: array + key: + type: string + verification_mode: + enum: + - none + - full + - certificate + - strict + type: string + timeout: + type: number + topic: + type: string + topics: + deprecated: true + description: Use topic instead. + items: + type: object + properties: + topic: + type: string + when: + deprecated: true + description: >- + Deprecated, kafka output do not support conditionnal topics + anymore. + type: object + properties: + condition: + type: string + type: + type: string + type: array + type: + enum: + - kafka + type: string + username: + type: string + version: + type: string + required: + - name + Fleet_output_update_request_logstash: + title: logstash + type: object + properties: + ca_sha256: + type: string + ca_trusted_fingerprint: + type: string + config: + type: object + config_yaml: + type: string + hosts: + items: + type: string + type: array + id: + type: string + is_default: + type: boolean + is_default_monitoring: + type: boolean + is_internal: + type: boolean + name: + type: string + proxy_id: + type: string + shipper: + type: object + properties: + compression_level: + type: number + disk_queue_compression_enabled: + type: boolean + disk_queue_enabled: + type: boolean + disk_queue_encryption_enabled: + type: boolean + disk_queue_max_size: + type: number + disk_queue_path: + type: string + loadbalance: + type: boolean + ssl: + type: object + properties: + certificate: + type: string + certificate_authorities: + items: + type: string + type: array + key: + type: string + type: + enum: + - logstash + type: string + required: + - name + Fleet_package_info: + title: Package information + type: object + properties: + assets: + items: + type: string + type: array + categories: + items: + type: string + type: array + conditions: + type: object + properties: + elasticsearch: + type: object + properties: + subscription: + enum: + - basic + - gold + - platinum + - enterprise + type: string + kibana: + type: object + properties: + versions: + type: string + data_streams: + items: + type: object + properties: + ingeset_pipeline: + type: string + name: + type: string + package: + type: string + release: + type: string + title: + type: string + type: + type: string + vars: + items: + type: object + properties: + default: + type: string + name: + type: string + required: + - name + - default + type: array + required: + - title + - name + - release + - ingeset_pipeline + - type + - package + type: array + description: + type: string + download: + type: string + elasticsearch: + type: object + properties: + privileges: + type: object + properties: + cluster: + items: + type: string + type: array + format_version: + type: string + icons: + items: + type: string + type: array + internal: + type: boolean + name: + type: string + path: + type: string + readme: + type: string + release: + deprecated: true + description: >- + release label is deprecated, derive from the version instead + (packages follow semver) + enum: + - experimental + - beta + - ga + type: string + screenshots: + items: + type: object + properties: + path: + type: string + size: + type: string + src: + type: string + title: + type: string + type: + type: string + required: + - src + - path + type: array + source: + type: object + properties: + license: + enum: + - Apache-2.0 + - Elastic-2.0 + type: string + title: + type: string + type: + type: string + version: + type: string + required: + - name + - title + - version + - description + - type + - categories + - conditions + - assets + - format_version + - download + - path + Fleet_package_policy: + allOf: + - type: object + properties: + id: + type: string + inputs: + oneOf: + - items: {} + type: array + - type: object + revision: + type: number + required: + - id + - revision + - $ref: '#/components/schemas/Fleet_new_package_policy' + title: Package policy + Fleet_package_policy_request: + title: Package Policy Request + type: object + properties: + description: + description: Package policy description + example: my description + type: string + force: + description: >- + Force package policy creation even if package is not verified, or if + the agent policy is managed. + type: boolean + id: + description: Package policy unique identifier + type: string + inputs: + additionalProperties: + type: object + properties: + enabled: + description: enable or disable that input, (default to true) + type: boolean + streams: + additionalProperties: + type: object + properties: + enabled: + description: enable or disable that stream, (default to true) + type: boolean + vars: + description: >- + Stream level variable (see integration documentation for + more information) + type: object + description: >- + Input streams (see integration documentation to know what + streams are available) + type: object + vars: + description: >- + Input level variable (see integration documentation for more + information) + type: object + description: >- + Package policy inputs (see integration documentation to know what + inputs are available) + example: + nginx-logfile: + enabled: true + streams: + nginx.access: + enabled: true + vars: + ignore_older: 72h + paths: + - /var/log/nginx/access.log* + preserve_original_event: false + tags: + - nginx-access + type: object + name: + description: Package policy name (should be unique) + example: nginx-123 + type: string + namespace: + description: >- + The package policy namespace. Leave blank to inherit the agent + policy's namespace. + example: customnamespace + type: string + output_id: + description: Output ID to send package data to + example: output-id + nullable: true + type: string + overrides: + description: >- + Override settings that are defined in the package policy. The + override option should be used only in unusual circumstances and not + as a routine procedure. + nullable: true + type: object + properties: + inputs: + type: object + package: + type: object + properties: + name: + description: Package name + example: nginx + type: string + version: + description: Package version + example: 1.6.0 + type: string + required: + - name + - version + policy_id: + deprecated: true + description: Agent policy ID where that package policy will be added + example: agent-policy-id + nullable: true + type: string + policy_ids: + description: Agent policy IDs where that package policy will be added + example: + - agent-policy-id + items: + type: string + type: array + vars: + description: >- + Package root level variable (see integration documentation for more + information) + type: object + required: + - name + - package + Fleet_package_usage_stats: + title: Package usage stats + type: object + properties: + agent_policy_count: + type: integer + required: + - agent_policy_count + Fleet_proxies: + title: Fleet Proxy + type: object + properties: + certificate: + type: string + certificate_authorities: + type: string + certificate_key: + type: string + id: + type: string + name: + type: string + proxy_headers: + type: object + url: + type: string + required: + - name + - url + Fleet_saved_object_type: + oneOf: + - enum: + - dashboard + - visualization + - search + - index_pattern + - map + - lens + - security_rule + - csp_rule_template + - ml_module + - tag + - osquery_pack_asset + - osquery_saved_query + type: string + - enum: + - index + - component_template + - ingest_pipeline + - index_template + - ilm_policy + - transform + - data_stream_ilm_policy + - ml_model + type: string + title: Saved Object type + Fleet_search_result: + title: Search result + type: object + properties: + description: + type: string + download: + type: string + icons: + type: string + installationInfo: + $ref: '#/components/schemas/Fleet_installation_info' + name: + type: string + path: + type: string + savedObject: + deprecated: true + type: object + status: + type: string + title: + type: string + type: + type: string + version: + type: string + required: + - description + - download + - icons + - name + - path + - title + - type + - version + - status + Fleet_settings: + title: Settings + type: object + properties: + fleet_server_hosts: + deprecated: true + items: + type: string + type: array + has_seen_add_data_notice: + type: boolean + id: + type: string + prerelease_integrations_enabled: + type: boolean + required: + - fleet_server_hosts + - id + Fleet_upgrade_agent: + title: Upgrade agent + type: object + properties: + force: + description: Force upgrade, skipping validation (should be used with caution) + type: boolean + skipRateLimitCheck: + description: Skip rate limit check for upgrade + type: boolean + source_uri: + type: string + version: + type: string + required: + - version + Fleet_upgrade_agent_diff: + items: + items: + $ref: '#/components/schemas/Fleet_full_agent_policy_input' + type: array + title: Package policy Upgrade dryrun + type: array + Fleet_upgrade_diff: + items: + allOf: + - $ref: '#/components/schemas/Fleet_package_policy' + - allOf: + - $ref: '#/components/schemas/Fleet_new_package_policy' + - type: object + properties: + errors: + items: + type: object + properties: + key: + type: string + message: + type: string + type: array + missingVars: + items: + type: string + type: array + type: object + title: Package policy Upgrade dryrun + type: array + Kibana_HTTP_APIs_core_status_redactedResponse: + additionalProperties: false + description: A minimal representation of Kibana's operational status. + type: object + properties: + status: + additionalProperties: false + type: object + properties: + overall: + additionalProperties: false + type: object + properties: + level: + description: Service status levels as human and machine readable values. + enum: + - available + - degraded + - unavailable + - critical + type: string + required: + - level + required: + - overall + required: + - status + Kibana_HTTP_APIs_core_status_response: + additionalProperties: false + description: >- + Kibana's operational status as well as a detailed breakdown of plugin + statuses indication of various loads (like event loop utilization and + network traffic) at time of request. + type: object + properties: + metrics: + additionalProperties: false + description: Metric groups collected by Kibana. + type: object + properties: + collection_interval_in_millis: + description: The interval at which metrics should be collected. + type: number + elasticsearch_client: + additionalProperties: false + description: Current network metrics of Kibana's Elasticsearch client. + type: object + properties: + totalActiveSockets: + description: Count of network sockets currently in use. + type: number + totalIdleSockets: + description: Count of network sockets currently idle. + type: number + totalQueuedRequests: + description: Count of requests not yet assigned to sockets. + type: number + required: + - totalActiveSockets + - totalIdleSockets + - totalQueuedRequests + last_updated: + description: The time metrics were collected. + type: string + required: + - elasticsearch_client + - last_updated + - collection_interval_in_millis + name: + description: Kibana instance name. + type: string + status: + additionalProperties: false + type: object + properties: + core: + additionalProperties: false + description: Statuses of core Kibana services. + type: object + properties: + elasticsearch: + additionalProperties: false + type: object + properties: + detail: + description: Human readable detail of the service status. + type: string + documentationUrl: + description: A URL to further documentation regarding this service. + type: string + level: + description: >- + Service status levels as human and machine readable + values. + enum: + - available + - degraded + - unavailable + - critical + type: string + meta: + additionalProperties: {} + description: >- + An unstructured set of extra metadata about this + service. + type: object + summary: + description: A human readable summary of the service status. + type: string + required: + - level + - summary + - meta + savedObjects: + additionalProperties: false + type: object + properties: + detail: + description: Human readable detail of the service status. + type: string + documentationUrl: + description: A URL to further documentation regarding this service. + type: string + level: + description: >- + Service status levels as human and machine readable + values. + enum: + - available + - degraded + - unavailable + - critical + type: string + meta: + additionalProperties: {} + description: >- + An unstructured set of extra metadata about this + service. + type: object + summary: + description: A human readable summary of the service status. + type: string + required: + - level + - summary + - meta + required: + - elasticsearch + - savedObjects + overall: + additionalProperties: false + type: object + properties: + detail: + description: Human readable detail of the service status. + type: string + documentationUrl: + description: A URL to further documentation regarding this service. + type: string + level: + description: Service status levels as human and machine readable values. + enum: + - available + - degraded + - unavailable + - critical + type: string + meta: + additionalProperties: {} + description: An unstructured set of extra metadata about this service. + type: object + summary: + description: A human readable summary of the service status. + type: string + required: + - level + - summary + - meta + plugins: + additionalProperties: + additionalProperties: false + type: object + properties: + detail: + description: Human readable detail of the service status. + type: string + documentationUrl: + description: A URL to further documentation regarding this service. + type: string + level: + description: >- + Service status levels as human and machine readable + values. + enum: + - available + - degraded + - unavailable + - critical + type: string + meta: + additionalProperties: {} + description: An unstructured set of extra metadata about this service. + type: object + summary: + description: A human readable summary of the service status. + type: string + required: + - level + - summary + - meta + description: A dynamic mapping of plugin ID to plugin status. + type: object + required: + - overall + - core + - plugins + uuid: + description: >- + Unique, generated Kibana instance UUID. This UUID should persist + even if the Kibana process restarts. + type: string + version: + additionalProperties: false + type: object + properties: + build_date: + description: The date and time of this build. + type: string + build_flavor: + description: >- + The build flavour determines configuration and behavior of + Kibana. On premise users will almost always run the + "traditional" flavour, while other flavours are reserved for + Elastic-specific use cases. + enum: + - serverless + - traditional + type: string + build_hash: + description: >- + A unique hash value representing the git commit of this Kibana + build. + type: string + build_number: + description: >- + A monotonically increasing number, each subsequent build will + have a higher number. + type: number + build_snapshot: + description: Whether this build is a snapshot build. + type: boolean + number: + description: A semantic version number. + type: string + required: + - number + - build_hash + - build_number + - build_snapshot + - build_flavor + - build_date + required: + - name + - uuid + - version + - status + - metrics + Machine_learning_APIs_mlSync200Response: + properties: + datafeedsAdded: + additionalProperties: + $ref: '#/components/schemas/Machine_learning_APIs_mlSyncResponseDatafeeds' + description: >- + If a saved object for an anomaly detection job is missing a datafeed + identifier, it is added when you run the sync machine learning saved + objects API. + type: object + datafeedsRemoved: + additionalProperties: + $ref: '#/components/schemas/Machine_learning_APIs_mlSyncResponseDatafeeds' + description: >- + If a saved object for an anomaly detection job references a datafeed + that no longer exists, it is deleted when you run the sync machine + learning saved objects API. + type: object + savedObjectsCreated: + $ref: >- + #/components/schemas/Machine_learning_APIs_mlSyncResponseSavedObjectsCreated + savedObjectsDeleted: + $ref: >- + #/components/schemas/Machine_learning_APIs_mlSyncResponseSavedObjectsDeleted + title: Successful sync API response + type: object + Machine_learning_APIs_mlSync4xxResponse: + properties: + error: + example: Unauthorized + type: string + message: + type: string + statusCode: + example: 401 + type: integer + title: Unsuccessful sync API response + type: object + Machine_learning_APIs_mlSyncResponseAnomalyDetectors: + description: >- + The sync machine learning saved objects API response contains this + object when there are anomaly detection jobs affected by the + synchronization. There is an object for each relevant job, which + contains the synchronization status. + properties: + success: + $ref: '#/components/schemas/Machine_learning_APIs_mlSyncResponseSuccess' + title: Sync API response for anomaly detection jobs + type: object + Machine_learning_APIs_mlSyncResponseDatafeeds: + description: >- + The sync machine learning saved objects API response contains this + object when there are datafeeds affected by the synchronization. There + is an object for each relevant datafeed, which contains the + synchronization status. + properties: + success: + $ref: '#/components/schemas/Machine_learning_APIs_mlSyncResponseSuccess' + title: Sync API response for datafeeds + type: object + Machine_learning_APIs_mlSyncResponseDataFrameAnalytics: + description: >- + The sync machine learning saved objects API response contains this + object when there are data frame analytics jobs affected by the + synchronization. There is an object for each relevant job, which + contains the synchronization status. + properties: + success: + $ref: '#/components/schemas/Machine_learning_APIs_mlSyncResponseSuccess' + title: Sync API response for data frame analytics jobs + type: object + Machine_learning_APIs_mlSyncResponseSavedObjectsCreated: + description: >- + If saved objects are missing for machine learning jobs or trained + models, they are created when you run the sync machine learning saved + objects API. + properties: + anomaly-detector: + additionalProperties: + $ref: >- + #/components/schemas/Machine_learning_APIs_mlSyncResponseAnomalyDetectors + description: >- + If saved objects are missing for anomaly detection jobs, they are + created. + type: object + data-frame-analytics: + additionalProperties: + $ref: >- + #/components/schemas/Machine_learning_APIs_mlSyncResponseDataFrameAnalytics + description: >- + If saved objects are missing for data frame analytics jobs, they are + created. + type: object + trained-model: + additionalProperties: + $ref: >- + #/components/schemas/Machine_learning_APIs_mlSyncResponseTrainedModels + description: If saved objects are missing for trained models, they are created. + type: object + title: Sync API response for created saved objects + type: object + Machine_learning_APIs_mlSyncResponseSavedObjectsDeleted: + description: >- + If saved objects exist for machine learning jobs or trained models that + no longer exist, they are deleted when you run the sync machine learning + saved objects API. + properties: + anomaly-detector: + additionalProperties: + $ref: >- + #/components/schemas/Machine_learning_APIs_mlSyncResponseAnomalyDetectors + description: >- + If there are saved objects exist for nonexistent anomaly detection + jobs, they are deleted. + type: object + data-frame-analytics: + additionalProperties: + $ref: >- + #/components/schemas/Machine_learning_APIs_mlSyncResponseDataFrameAnalytics + description: >- + If there are saved objects exist for nonexistent data frame + analytics jobs, they are deleted. + type: object + trained-model: + additionalProperties: + $ref: >- + #/components/schemas/Machine_learning_APIs_mlSyncResponseTrainedModels + description: >- + If there are saved objects exist for nonexistent trained models, + they are deleted. + type: object + title: Sync API response for deleted saved objects + type: object + Machine_learning_APIs_mlSyncResponseSuccess: + description: The success or failure of the synchronization. + type: boolean + Machine_learning_APIs_mlSyncResponseTrainedModels: + description: >- + The sync machine learning saved objects API response contains this + object when there are trained models affected by the synchronization. + There is an object for each relevant trained model, which contains the + synchronization status. + properties: + success: + $ref: '#/components/schemas/Machine_learning_APIs_mlSyncResponseSuccess' + title: Sync API response for trained models + type: object + Saved_objects_400_response: + title: Bad request + type: object + properties: + error: + enum: + - Bad Request + type: string + message: + type: string + statusCode: + enum: + - 400 + type: integer + required: + - error + - message + - statusCode + Saved_objects_attributes: + description: > + The data that you want to create. WARNING: When you create saved + objects, attributes are not validated, which allows you to pass + arbitrary and ill-formed data into the API that can break Kibana. Make + sure any data that you send to the API is properly formed. + type: object + Saved_objects_initial_namespaces: + description: > + Identifiers for the spaces in which this object is created. If this is + provided, the object is created only in the explicitly defined spaces. + If this is not provided, the object is created in the current space + (default behavior). For shareable object types (registered with + `namespaceType: 'multiple'`), this option can be used to specify one or + more spaces, including the "All spaces" identifier ('*'). For isolated + object types (registered with `namespaceType: 'single'` or + `namespaceType: 'multiple-isolated'`), this option can only be used to + specify a single space, and the "All spaces" identifier ('*') is not + allowed. For global object types (`registered with `namespaceType: + agnostic`), this option cannot be used. + type: array + Saved_objects_references: + description: > + Objects with `name`, `id`, and `type` properties that describe the other + saved objects that this object references. Use `name` in attributes to + refer to the other saved object, but never the `id`, which can update + automatically during migrations or import and export. + type: array + Security_AI_Assistant_API_AnonymizationFieldCreateProps: + type: object + properties: + allowed: + type: boolean + anonymized: + type: boolean + field: + type: string + required: + - field + Security_AI_Assistant_API_AnonymizationFieldDetailsInError: + type: object + properties: + id: + type: string + name: + type: string + required: + - id + Security_AI_Assistant_API_AnonymizationFieldResponse: + type: object + properties: + allowed: + type: boolean + anonymized: + type: boolean + createdAt: + type: string + createdBy: + type: string + field: + type: string + id: + $ref: '#/components/schemas/Security_AI_Assistant_API_NonEmptyString' + namespace: + description: Kibana space + type: string + timestamp: + $ref: '#/components/schemas/Security_AI_Assistant_API_NonEmptyString' + updatedAt: + type: string + updatedBy: + type: string + required: + - id + - field + Security_AI_Assistant_API_AnonymizationFieldsBulkActionSkipReason: + enum: + - ANONYMIZATION_FIELD_NOT_MODIFIED + type: string + Security_AI_Assistant_API_AnonymizationFieldsBulkActionSkipResult: + type: object + properties: + id: + type: string + name: + type: string + skip_reason: + $ref: >- + #/components/schemas/Security_AI_Assistant_API_AnonymizationFieldsBulkActionSkipReason + required: + - id + - skip_reason + Security_AI_Assistant_API_AnonymizationFieldsBulkCrudActionResponse: + type: object + properties: + anonymization_fields_count: + type: integer + attributes: + type: object + properties: + errors: + items: + $ref: >- + #/components/schemas/Security_AI_Assistant_API_NormalizedAnonymizationFieldError + type: array + results: + $ref: >- + #/components/schemas/Security_AI_Assistant_API_AnonymizationFieldsBulkCrudActionResults + summary: + $ref: >- + #/components/schemas/Security_AI_Assistant_API_BulkCrudActionSummary + required: + - results + - summary + message: + type: string + status_code: + type: integer + success: + type: boolean + required: + - attributes + Security_AI_Assistant_API_AnonymizationFieldsBulkCrudActionResults: + type: object + properties: + created: + items: + $ref: >- + #/components/schemas/Security_AI_Assistant_API_AnonymizationFieldResponse + type: array + deleted: + items: + type: string + type: array + skipped: + items: + $ref: >- + #/components/schemas/Security_AI_Assistant_API_AnonymizationFieldsBulkActionSkipResult + type: array + updated: + items: + $ref: >- + #/components/schemas/Security_AI_Assistant_API_AnonymizationFieldResponse + type: array + required: + - updated + - created + - deleted + - skipped + Security_AI_Assistant_API_AnonymizationFieldUpdateProps: + type: object + properties: + allowed: + type: boolean + anonymized: + type: boolean + id: + type: string + required: + - id + Security_AI_Assistant_API_ApiConfig: + type: object + properties: + actionTypeId: + description: action type id + type: string + connectorId: + description: connector id + type: string + defaultSystemPromptId: + description: defaultSystemPromptId + type: string + model: + description: model + type: string + provider: + $ref: '#/components/schemas/Security_AI_Assistant_API_Provider' + description: Provider + required: + - connectorId + - actionTypeId + Security_AI_Assistant_API_BulkCrudActionSummary: + type: object + properties: + failed: + type: integer + skipped: + type: integer + succeeded: + type: integer + total: + type: integer + required: + - failed + - skipped + - succeeded + - total + Security_AI_Assistant_API_ChatCompleteProps: + type: object + properties: + connectorId: + type: string + conversationId: + type: string + isStream: + type: boolean + langSmithApiKey: + type: string + langSmithProject: + type: string + messages: + items: + $ref: '#/components/schemas/Security_AI_Assistant_API_ChatMessage' + type: array + model: + type: string + persist: + type: boolean + promptId: + type: string + responseLanguage: + type: string + required: + - messages + - persist + - connectorId + Security_AI_Assistant_API_ChatMessage: + description: AI assistant message. + type: object + properties: + content: + description: Message content. + type: string + data: + $ref: '#/components/schemas/Security_AI_Assistant_API_MessageData' + description: ECS object to attach to the context of the message. + fields_to_anonymize: + items: + type: string + type: array + role: + $ref: '#/components/schemas/Security_AI_Assistant_API_ChatMessageRole' + description: Message role. + required: + - role + Security_AI_Assistant_API_ChatMessageRole: + description: Message role. + enum: + - system + - user + - assistant + type: string + Security_AI_Assistant_API_ConversationCategory: + description: The conversation category. + enum: + - assistant + - insights + type: string + Security_AI_Assistant_API_ConversationConfidence: + description: The conversation confidence. + enum: + - low + - medium + - high + type: string + Security_AI_Assistant_API_ConversationCreateProps: + type: object + properties: + apiConfig: + $ref: '#/components/schemas/Security_AI_Assistant_API_ApiConfig' + description: LLM API configuration. + category: + $ref: '#/components/schemas/Security_AI_Assistant_API_ConversationCategory' + description: The conversation category. + excludeFromLastConversationStorage: + description: excludeFromLastConversationStorage. + type: boolean + id: + description: The conversation id. + type: string + isDefault: + description: Is default conversation. + type: boolean + messages: + description: The conversation messages. + items: + $ref: '#/components/schemas/Security_AI_Assistant_API_Message' + type: array + replacements: + $ref: '#/components/schemas/Security_AI_Assistant_API_Replacements' + title: + description: The conversation title. + type: string + required: + - title + Security_AI_Assistant_API_ConversationResponse: + type: object + properties: + apiConfig: + $ref: '#/components/schemas/Security_AI_Assistant_API_ApiConfig' + description: LLM API configuration. + category: + $ref: '#/components/schemas/Security_AI_Assistant_API_ConversationCategory' + description: The conversation category. + createdAt: + description: The last time conversation was updated. + type: string + excludeFromLastConversationStorage: + description: excludeFromLastConversationStorage. + type: boolean + id: + $ref: '#/components/schemas/Security_AI_Assistant_API_NonEmptyString' + isDefault: + description: Is default conversation. + type: boolean + messages: + description: The conversation messages. + items: + $ref: '#/components/schemas/Security_AI_Assistant_API_Message' + type: array + namespace: + description: Kibana space + type: string + replacements: + $ref: '#/components/schemas/Security_AI_Assistant_API_Replacements' + summary: + $ref: '#/components/schemas/Security_AI_Assistant_API_ConversationSummary' + timestamp: + $ref: '#/components/schemas/Security_AI_Assistant_API_NonEmptyString' + title: + description: The conversation title. + type: string + updatedAt: + description: The last time conversation was updated. + type: string + users: + items: + $ref: '#/components/schemas/Security_AI_Assistant_API_User' + type: array + required: + - id + - title + - createdAt + - users + - namespace + - category + Security_AI_Assistant_API_ConversationSummary: + type: object + properties: + confidence: + $ref: >- + #/components/schemas/Security_AI_Assistant_API_ConversationConfidence + description: >- + How confident you are about this being a correct and useful + learning. + content: + description: Summary text of the conversation over time. + type: string + public: + description: Define if summary is marked as publicly available. + type: boolean + timestamp: + $ref: '#/components/schemas/Security_AI_Assistant_API_NonEmptyString' + description: The timestamp summary was updated. + Security_AI_Assistant_API_ConversationUpdateProps: + type: object + properties: + apiConfig: + $ref: '#/components/schemas/Security_AI_Assistant_API_ApiConfig' + description: LLM API configuration. + category: + $ref: '#/components/schemas/Security_AI_Assistant_API_ConversationCategory' + description: The conversation category. + excludeFromLastConversationStorage: + description: excludeFromLastConversationStorage. + type: boolean + id: + $ref: '#/components/schemas/Security_AI_Assistant_API_NonEmptyString' + messages: + description: The conversation messages. + items: + $ref: '#/components/schemas/Security_AI_Assistant_API_Message' + type: array + replacements: + $ref: '#/components/schemas/Security_AI_Assistant_API_Replacements' + summary: + $ref: '#/components/schemas/Security_AI_Assistant_API_ConversationSummary' + title: + description: The conversation title. + type: string + required: + - id + Security_AI_Assistant_API_FindAnonymizationFieldsSortField: + enum: + - created_at + - anonymized + - allowed + - field + - updated_at + type: string + Security_AI_Assistant_API_FindConversationsSortField: + enum: + - created_at + - is_default + - title + - updated_at + type: string + Security_AI_Assistant_API_FindPromptsSortField: + enum: + - created_at + - is_default + - name + - updated_at + type: string + Security_AI_Assistant_API_Message: + description: AI assistant conversation message. + type: object + properties: + content: + description: Message content. + type: string + isError: + description: Is error message. + type: boolean + reader: + $ref: '#/components/schemas/Security_AI_Assistant_API_Reader' + description: Message content. + role: + $ref: '#/components/schemas/Security_AI_Assistant_API_MessageRole' + description: Message role. + timestamp: + $ref: '#/components/schemas/Security_AI_Assistant_API_NonEmptyString' + description: The timestamp message was sent or received. + traceData: + $ref: '#/components/schemas/Security_AI_Assistant_API_TraceData' + description: trace Data + required: + - timestamp + - content + - role + Security_AI_Assistant_API_MessageData: + additionalProperties: true + type: object + Security_AI_Assistant_API_MessageRole: + description: Message role. + enum: + - system + - user + - assistant + type: string + Security_AI_Assistant_API_NonEmptyString: + description: A string that is not empty and does not contain only whitespace + minLength: 1 + pattern: ^(?! *$).+$ + type: string + Security_AI_Assistant_API_NormalizedAnonymizationFieldError: + type: object + properties: + anonymization_fields: + items: + $ref: >- + #/components/schemas/Security_AI_Assistant_API_AnonymizationFieldDetailsInError + type: array + err_code: + type: string + message: + type: string + status_code: + type: integer + required: + - message + - status_code + - anonymization_fields + Security_AI_Assistant_API_NormalizedPromptError: + type: object + properties: + err_code: + type: string + message: + type: string + prompts: + items: + $ref: >- + #/components/schemas/Security_AI_Assistant_API_PromptDetailsInError + type: array + status_code: + type: integer + required: + - message + - status_code + - prompts + Security_AI_Assistant_API_PromptCreateProps: + type: object + properties: + categories: + items: + type: string + type: array + color: + type: string + consumer: + type: string + content: + type: string + isDefault: + type: boolean + isNewConversationDefault: + type: boolean + name: + type: string + promptType: + $ref: '#/components/schemas/Security_AI_Assistant_API_PromptType' + required: + - name + - content + - promptType + Security_AI_Assistant_API_PromptDetailsInError: + type: object + properties: + id: + type: string + name: + type: string + required: + - id + Security_AI_Assistant_API_PromptResponse: + type: object + properties: + categories: + items: + type: string + type: array + color: + type: string + consumer: + type: string + content: + type: string + createdAt: + type: string + createdBy: + type: string + id: + $ref: '#/components/schemas/Security_AI_Assistant_API_NonEmptyString' + isDefault: + type: boolean + isNewConversationDefault: + type: boolean + name: + type: string + namespace: + description: Kibana space + type: string + promptType: + $ref: '#/components/schemas/Security_AI_Assistant_API_PromptType' + timestamp: + $ref: '#/components/schemas/Security_AI_Assistant_API_NonEmptyString' + updatedAt: + type: string + updatedBy: + type: string + users: + items: + $ref: '#/components/schemas/Security_AI_Assistant_API_User' + type: array + required: + - id + - name + - promptType + - content + Security_AI_Assistant_API_PromptsBulkActionSkipReason: + enum: + - PROMPT_FIELD_NOT_MODIFIED + type: string + Security_AI_Assistant_API_PromptsBulkActionSkipResult: + type: object + properties: + id: + type: string + name: + type: string + skip_reason: + $ref: >- + #/components/schemas/Security_AI_Assistant_API_PromptsBulkActionSkipReason + required: + - id + - skip_reason + Security_AI_Assistant_API_PromptsBulkCrudActionResponse: + type: object + properties: + attributes: + type: object + properties: + errors: + items: + $ref: >- + #/components/schemas/Security_AI_Assistant_API_NormalizedPromptError + type: array + results: + $ref: >- + #/components/schemas/Security_AI_Assistant_API_PromptsBulkCrudActionResults + summary: + $ref: >- + #/components/schemas/Security_AI_Assistant_API_BulkCrudActionSummary + required: + - results + - summary + message: + type: string + prompts_count: + type: integer + status_code: + type: integer + success: + type: boolean + required: + - attributes + Security_AI_Assistant_API_PromptsBulkCrudActionResults: + type: object + properties: + created: + items: + $ref: '#/components/schemas/Security_AI_Assistant_API_PromptResponse' + type: array + deleted: + items: + type: string + type: array + skipped: + items: + $ref: >- + #/components/schemas/Security_AI_Assistant_API_PromptsBulkActionSkipResult + type: array + updated: + items: + $ref: '#/components/schemas/Security_AI_Assistant_API_PromptResponse' + type: array + required: + - updated + - created + - deleted + - skipped + Security_AI_Assistant_API_PromptType: + description: Prompt type + enum: + - system + - quick + type: string + Security_AI_Assistant_API_PromptUpdateProps: + type: object + properties: + categories: + items: + type: string + type: array + color: + type: string + consumer: + type: string + content: + type: string + id: + type: string + isDefault: + type: boolean + isNewConversationDefault: + type: boolean + required: + - id + Security_AI_Assistant_API_Provider: + description: Provider + enum: + - OpenAI + - Azure OpenAI + type: string + Security_AI_Assistant_API_Reader: + additionalProperties: true + type: object + Security_AI_Assistant_API_Replacements: + additionalProperties: + type: string + description: Replacements object used to anonymize/deanomymize messsages + type: object + Security_AI_Assistant_API_SortOrder: + enum: + - asc + - desc + type: string + Security_AI_Assistant_API_TraceData: + description: trace Data + type: object + properties: + traceId: + description: Could be any string, not necessarily a UUID + type: string + transactionId: + description: Could be any string, not necessarily a UUID + type: string + Security_AI_Assistant_API_User: + description: Could be any string, not necessarily a UUID + type: object + properties: + id: + description: User id + type: string + name: + description: User name + type: string + Security_Solution_Detections_API_AlertAssignees: + type: object + properties: + add: + description: A list of users ids to assign. + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_NonEmptyString + type: array + remove: + description: A list of users ids to unassign. + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_NonEmptyString + type: array + required: + - add + - remove + Security_Solution_Detections_API_AlertIds: + description: A list of alerts ids. + items: + $ref: '#/components/schemas/Security_Solution_Detections_API_NonEmptyString' + minItems: 1 + type: array + Security_Solution_Detections_API_AlertsIndex: + deprecated: true + description: (deprecated) Has no effect. + type: string + Security_Solution_Detections_API_AlertsIndexMigrationError: + type: object + properties: + error: + type: object + properties: + message: + type: string + status_code: + type: string + required: + - message + - status_code + index: + type: string + required: + - index + - error + Security_Solution_Detections_API_AlertsIndexMigrationSuccess: + type: object + properties: + index: + type: string + migration_id: + type: string + migration_index: + type: string + required: + - index + - migration_id + - migration_index + Security_Solution_Detections_API_AlertsIndexNamespace: + description: Has no effect. + type: string + Security_Solution_Detections_API_AlertsReindexOptions: + type: object + properties: + requests_per_second: + minimum: 1 + type: integer + size: + minimum: 1 + type: integer + slices: + minimum: 1 + type: integer + Security_Solution_Detections_API_AlertsSort: + oneOf: + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertsSortCombinations + - items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertsSortCombinations + type: array + Security_Solution_Detections_API_AlertsSortCombinations: + anyOf: + - type: string + - additionalProperties: true + type: object + Security_Solution_Detections_API_AlertStatus: + enum: + - open + - closed + - acknowledged + - in-progress + type: string + Security_Solution_Detections_API_AlertSuppression: + type: object + properties: + duration: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertSuppressionDuration + group_by: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertSuppressionGroupBy + missing_fields_strategy: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertSuppressionMissingFieldsStrategy + required: + - group_by + Security_Solution_Detections_API_AlertSuppressionDuration: + type: object + properties: + unit: + enum: + - s + - m + - h + type: string + value: + minimum: 1 + type: integer + required: + - value + - unit + Security_Solution_Detections_API_AlertSuppressionGroupBy: + items: + type: string + maxItems: 3 + minItems: 1 + type: array + Security_Solution_Detections_API_AlertSuppressionMissingFieldsStrategy: + description: >- + Describes how alerts will be generated for documents with missing + suppress by fields: + + doNotSuppress - per each document a separate alert will be created + + suppress - only alert will be created per suppress by bucket + enum: + - doNotSuppress + - suppress + type: string + Security_Solution_Detections_API_AlertTag: + $ref: '#/components/schemas/Security_Solution_Detections_API_NonEmptyString' + Security_Solution_Detections_API_AlertTags: + items: + $ref: '#/components/schemas/Security_Solution_Detections_API_AlertTag' + type: array + Security_Solution_Detections_API_AlertVersion: + type: object + properties: + count: + type: integer + version: + type: integer + required: + - version + - count + Security_Solution_Detections_API_AnomalyThreshold: + description: Anomaly threshold + minimum: 0 + type: integer + Security_Solution_Detections_API_BuildingBlockType: + description: >- + Determines if the rule acts as a building block. By default, + building-block alerts are not displayed in the UI. These rules are used + as a foundation for other rules that do generate alerts. Its value must + be default. + type: string + Security_Solution_Detections_API_BulkActionEditPayload: + anyOf: + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_BulkActionEditPayloadTags + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_BulkActionEditPayloadIndexPatterns + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_BulkActionEditPayloadInvestigationFields + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_BulkActionEditPayloadTimeline + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_BulkActionEditPayloadRuleActions + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_BulkActionEditPayloadSchedule + Security_Solution_Detections_API_BulkActionEditPayloadIndexPatterns: + type: object + properties: + overwrite_data_views: + type: boolean + type: + enum: + - add_index_patterns + - delete_index_patterns + - set_index_patterns + type: string + value: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_IndexPatternArray + required: + - type + - value + Security_Solution_Detections_API_BulkActionEditPayloadInvestigationFields: + type: object + properties: + type: + enum: + - add_investigation_fields + - delete_investigation_fields + - set_investigation_fields + type: string + value: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_InvestigationFields + required: + - type + - value + Security_Solution_Detections_API_BulkActionEditPayloadRuleActions: + type: object + properties: + type: + enum: + - add_rule_actions + - set_rule_actions + type: string + value: + type: object + properties: + actions: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_NormalizedRuleAction + type: array + throttle: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_ThrottleForBulkActions + required: + - actions + required: + - type + - value + Security_Solution_Detections_API_BulkActionEditPayloadSchedule: + type: object + properties: + type: + enum: + - set_schedule + type: string + value: + type: object + properties: + interval: + description: >- + Interval in which the rule runs. For example, `"1h"` means the + rule runs every hour. + example: 1h + pattern: ^[1-9]\d*[smh]$ + type: string + lookback: + description: Lookback time for the rule + example: 1h + pattern: ^[1-9]\d*[smh]$ + type: string + required: + - interval + - lookback + required: + - type + - value + Security_Solution_Detections_API_BulkActionEditPayloadTags: + type: object + properties: + type: + enum: + - add_tags + - delete_tags + - set_tags + type: string + value: + $ref: '#/components/schemas/Security_Solution_Detections_API_RuleTagArray' + required: + - type + - value + Security_Solution_Detections_API_BulkActionEditPayloadTimeline: + type: object + properties: + type: + enum: + - set_timeline + type: string + value: + type: object + properties: + timeline_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimelineTemplateId + timeline_title: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimelineTemplateTitle + required: + - timeline_id + - timeline_title + required: + - type + - value + Security_Solution_Detections_API_BulkActionsDryRunErrCode: + enum: + - IMMUTABLE + - MACHINE_LEARNING_AUTH + - MACHINE_LEARNING_INDEX_PATTERN + - ESQL_INDEX_PATTERN + - MANUAL_RULE_RUN_FEATURE + - MANUAL_RULE_RUN_DISABLED_RULE + type: string + Security_Solution_Detections_API_BulkActionSkipResult: + type: object + properties: + id: + type: string + name: + type: string + skip_reason: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_BulkEditSkipReason + required: + - id + - skip_reason + Security_Solution_Detections_API_BulkCrudRulesResponse: + items: + oneOf: + - $ref: '#/components/schemas/Security_Solution_Detections_API_RuleResponse' + - $ref: '#/components/schemas/Security_Solution_Detections_API_ErrorSchema' + type: array + Security_Solution_Detections_API_BulkDeleteRules: + type: object + properties: + action: + enum: + - delete + type: string + ids: + description: Array of rule IDs + items: + type: string + minItems: 1 + type: array + query: + description: Query to filter rules + type: string + required: + - action + Security_Solution_Detections_API_BulkDisableRules: + type: object + properties: + action: + enum: + - disable + type: string + ids: + description: Array of rule IDs + items: + type: string + minItems: 1 + type: array + query: + description: Query to filter rules + type: string + required: + - action + Security_Solution_Detections_API_BulkDuplicateRules: + type: object + properties: + action: + enum: + - duplicate + type: string + duplicate: + type: object + properties: + include_exceptions: + description: Whether to copy exceptions from the original rule + type: boolean + include_expired_exceptions: + description: Whether to copy expired exceptions from the original rule + type: boolean + required: + - include_exceptions + - include_expired_exceptions + ids: + description: Array of rule IDs + items: + type: string + minItems: 1 + type: array + query: + description: Query to filter rules + type: string + required: + - action + Security_Solution_Detections_API_BulkEditActionResponse: + type: object + properties: + attributes: + type: object + properties: + errors: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_NormalizedRuleError + type: array + results: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_BulkEditActionResults + summary: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_BulkEditActionSummary + required: + - results + - summary + message: + type: string + rules_count: + type: integer + status_code: + type: integer + success: + type: boolean + required: + - attributes + Security_Solution_Detections_API_BulkEditActionResults: + type: object + properties: + created: + items: + $ref: '#/components/schemas/Security_Solution_Detections_API_RuleResponse' + type: array + deleted: + items: + $ref: '#/components/schemas/Security_Solution_Detections_API_RuleResponse' + type: array + skipped: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_BulkActionSkipResult + type: array + updated: + items: + $ref: '#/components/schemas/Security_Solution_Detections_API_RuleResponse' + type: array + required: + - updated + - created + - deleted + - skipped + Security_Solution_Detections_API_BulkEditActionSummary: + type: object + properties: + failed: + type: integer + skipped: + type: integer + succeeded: + type: integer + total: + type: integer + required: + - failed + - skipped + - succeeded + - total + Security_Solution_Detections_API_BulkEditRules: + type: object + properties: + action: + enum: + - edit + type: string + edit: + description: Array of objects containing the edit operations + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_BulkActionEditPayload + minItems: 1 + type: array + ids: + description: Array of rule IDs + items: + type: string + minItems: 1 + type: array + query: + description: Query to filter rules + type: string + required: + - action + - edit + Security_Solution_Detections_API_BulkEditSkipReason: + enum: + - RULE_NOT_MODIFIED + type: string + Security_Solution_Detections_API_BulkEnableRules: + type: object + properties: + action: + enum: + - enable + type: string + ids: + description: Array of rule IDs + items: + type: string + minItems: 1 + type: array + query: + description: Query to filter rules + type: string + required: + - action + Security_Solution_Detections_API_BulkExportActionResponse: + type: string + Security_Solution_Detections_API_BulkExportRules: + type: object + properties: + action: + enum: + - export + type: string + ids: + description: Array of rule IDs + items: + type: string + minItems: 1 + type: array + query: + description: Query to filter rules + type: string + required: + - action + Security_Solution_Detections_API_BulkManualRuleRun: + type: object + properties: + action: + enum: + - run + type: string + ids: + description: Array of rule IDs + items: + type: string + minItems: 1 + type: array + query: + description: Query to filter rules + type: string + run: + type: object + properties: + end_date: + description: End date of the manual rule run + type: string + start_date: + description: Start date of the manual rule run + type: string + required: + - start_date + required: + - action + - run + Security_Solution_Detections_API_ConcurrentSearches: + minimum: 1 + type: integer + Security_Solution_Detections_API_DataViewId: + type: string + Security_Solution_Detections_API_DefaultParams: + type: object + properties: + command: + enum: + - isolate + type: string + comment: + type: string + required: + - command + Security_Solution_Detections_API_EcsMapping: + additionalProperties: + type: object + properties: + field: + type: string + value: + oneOf: + - type: string + - items: + type: string + type: array + type: object + Security_Solution_Detections_API_EndpointResponseAction: + type: object + properties: + action_type_id: + enum: + - .endpoint + type: string + params: + oneOf: + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_DefaultParams + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_ProcessesParams + required: + - action_type_id + - params + Security_Solution_Detections_API_EqlOptionalFields: + type: object + properties: + alert_suppression: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertSuppression + data_view_id: + $ref: '#/components/schemas/Security_Solution_Detections_API_DataViewId' + event_category_override: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_EventCategoryOverride + filters: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleFilterArray + index: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_IndexPatternArray + response_actions: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_ResponseAction + type: array + tiebreaker_field: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TiebreakerField + timestamp_field: + $ref: '#/components/schemas/Security_Solution_Detections_API_TimestampField' + Security_Solution_Detections_API_EqlQueryLanguage: + enum: + - eql + type: string + Security_Solution_Detections_API_EqlRequiredFields: + type: object + properties: + language: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_EqlQueryLanguage + description: Query language to use + query: + $ref: '#/components/schemas/Security_Solution_Detections_API_RuleQuery' + description: EQL query to execute + type: + description: Rule type + enum: + - eql + type: string + required: + - type + - query + - language + Security_Solution_Detections_API_EqlRule: + allOf: + - type: object + properties: + actions: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleAction + type: array + alias_purpose: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveAliasPurpose + alias_target_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveAliasTargetId + author: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleAuthorArray + building_block_type: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_BuildingBlockType + description: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleDescription + enabled: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_IsRuleEnabled + exceptions_list: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleExceptionList + type: array + false_positives: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleFalsePositiveArray + from: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleIntervalFrom + interval: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleInterval + investigation_fields: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_InvestigationFields + license: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleLicense + max_signals: + $ref: '#/components/schemas/Security_Solution_Detections_API_MaxSignals' + meta: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleMetadata + name: + $ref: '#/components/schemas/Security_Solution_Detections_API_RuleName' + namespace: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertsIndexNamespace + note: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_InvestigationGuide + outcome: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveOutcome + output_index: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertsIndex + references: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleReferenceArray + related_integrations: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RelatedIntegrationArray + required_fields: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RequiredFieldInput + type: array + risk_score: + $ref: '#/components/schemas/Security_Solution_Detections_API_RiskScore' + risk_score_mapping: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RiskScoreMapping + rule_name_override: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleNameOverride + setup: + $ref: '#/components/schemas/Security_Solution_Detections_API_SetupGuide' + severity: + $ref: '#/components/schemas/Security_Solution_Detections_API_Severity' + severity_mapping: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SeverityMapping + tags: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleTagArray + threat: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_ThreatArray + throttle: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleActionThrottle + timeline_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimelineTemplateId + timeline_title: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimelineTemplateTitle + timestamp_override: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimestampOverride + timestamp_override_fallback_disabled: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimestampOverrideFallbackDisabled + to: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleIntervalTo + version: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleVersion + required: + - name + - description + - risk_score + - severity + - version + - tags + - enabled + - risk_score_mapping + - severity_mapping + - interval + - from + - to + - actions + - exceptions_list + - author + - false_positives + - references + - max_signals + - threat + - setup + - related_integrations + - required_fields + - $ref: '#/components/schemas/Security_Solution_Detections_API_ResponseFields' + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_EqlRuleResponseFields + Security_Solution_Detections_API_EqlRuleCreateFields: + allOf: + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_EqlRequiredFields + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_EqlOptionalFields + Security_Solution_Detections_API_EqlRuleCreateProps: + allOf: + - type: object + properties: + actions: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleAction + type: array + alias_purpose: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveAliasPurpose + alias_target_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveAliasTargetId + author: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleAuthorArray + building_block_type: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_BuildingBlockType + description: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleDescription + enabled: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_IsRuleEnabled + exceptions_list: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleExceptionList + type: array + false_positives: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleFalsePositiveArray + from: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleIntervalFrom + interval: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleInterval + investigation_fields: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_InvestigationFields + license: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleLicense + max_signals: + $ref: '#/components/schemas/Security_Solution_Detections_API_MaxSignals' + meta: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleMetadata + name: + $ref: '#/components/schemas/Security_Solution_Detections_API_RuleName' + namespace: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertsIndexNamespace + note: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_InvestigationGuide + outcome: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveOutcome + output_index: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertsIndex + references: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleReferenceArray + related_integrations: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RelatedIntegrationArray + required_fields: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RequiredFieldInput + type: array + risk_score: + $ref: '#/components/schemas/Security_Solution_Detections_API_RiskScore' + risk_score_mapping: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RiskScoreMapping + rule_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleSignatureId + rule_name_override: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleNameOverride + setup: + $ref: '#/components/schemas/Security_Solution_Detections_API_SetupGuide' + severity: + $ref: '#/components/schemas/Security_Solution_Detections_API_Severity' + severity_mapping: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SeverityMapping + tags: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleTagArray + threat: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_ThreatArray + throttle: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleActionThrottle + timeline_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimelineTemplateId + timeline_title: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimelineTemplateTitle + timestamp_override: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimestampOverride + timestamp_override_fallback_disabled: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimestampOverrideFallbackDisabled + to: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleIntervalTo + version: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleVersion + required: + - name + - description + - risk_score + - severity + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_EqlRuleCreateFields + Security_Solution_Detections_API_EqlRulePatchFields: + allOf: + - type: object + properties: + language: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_EqlQueryLanguage + description: Query language to use + query: + $ref: '#/components/schemas/Security_Solution_Detections_API_RuleQuery' + description: EQL query to execute + type: + description: Rule type + enum: + - eql + type: string + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_EqlOptionalFields + Security_Solution_Detections_API_EqlRulePatchProps: + allOf: + - type: object + properties: + actions: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleAction + type: array + alias_purpose: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveAliasPurpose + alias_target_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveAliasTargetId + author: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleAuthorArray + building_block_type: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_BuildingBlockType + description: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleDescription + enabled: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_IsRuleEnabled + exceptions_list: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleExceptionList + type: array + false_positives: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleFalsePositiveArray + from: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleIntervalFrom + id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleObjectId + interval: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleInterval + investigation_fields: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_InvestigationFields + license: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleLicense + max_signals: + $ref: '#/components/schemas/Security_Solution_Detections_API_MaxSignals' + meta: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleMetadata + name: + $ref: '#/components/schemas/Security_Solution_Detections_API_RuleName' + namespace: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertsIndexNamespace + note: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_InvestigationGuide + outcome: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveOutcome + output_index: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertsIndex + references: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleReferenceArray + related_integrations: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RelatedIntegrationArray + required_fields: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RequiredFieldInput + type: array + risk_score: + $ref: '#/components/schemas/Security_Solution_Detections_API_RiskScore' + risk_score_mapping: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RiskScoreMapping + rule_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleSignatureId + rule_name_override: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleNameOverride + setup: + $ref: '#/components/schemas/Security_Solution_Detections_API_SetupGuide' + severity: + $ref: '#/components/schemas/Security_Solution_Detections_API_Severity' + severity_mapping: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SeverityMapping + tags: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleTagArray + threat: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_ThreatArray + throttle: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleActionThrottle + timeline_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimelineTemplateId + timeline_title: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimelineTemplateTitle + timestamp_override: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimestampOverride + timestamp_override_fallback_disabled: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimestampOverrideFallbackDisabled + to: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleIntervalTo + version: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleVersion + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_EqlRulePatchFields + Security_Solution_Detections_API_EqlRuleResponseFields: + allOf: + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_EqlRequiredFields + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_EqlOptionalFields + Security_Solution_Detections_API_EqlRuleUpdateProps: + allOf: + - type: object + properties: + actions: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleAction + type: array + alias_purpose: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveAliasPurpose + alias_target_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveAliasTargetId + author: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleAuthorArray + building_block_type: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_BuildingBlockType + description: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleDescription + enabled: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_IsRuleEnabled + exceptions_list: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleExceptionList + type: array + false_positives: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleFalsePositiveArray + from: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleIntervalFrom + id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleObjectId + interval: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleInterval + investigation_fields: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_InvestigationFields + license: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleLicense + max_signals: + $ref: '#/components/schemas/Security_Solution_Detections_API_MaxSignals' + meta: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleMetadata + name: + $ref: '#/components/schemas/Security_Solution_Detections_API_RuleName' + namespace: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertsIndexNamespace + note: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_InvestigationGuide + outcome: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveOutcome + output_index: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertsIndex + references: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleReferenceArray + related_integrations: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RelatedIntegrationArray + required_fields: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RequiredFieldInput + type: array + risk_score: + $ref: '#/components/schemas/Security_Solution_Detections_API_RiskScore' + risk_score_mapping: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RiskScoreMapping + rule_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleSignatureId + rule_name_override: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleNameOverride + setup: + $ref: '#/components/schemas/Security_Solution_Detections_API_SetupGuide' + severity: + $ref: '#/components/schemas/Security_Solution_Detections_API_Severity' + severity_mapping: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SeverityMapping + tags: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleTagArray + threat: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_ThreatArray + throttle: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleActionThrottle + timeline_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimelineTemplateId + timeline_title: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimelineTemplateTitle + timestamp_override: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimestampOverride + timestamp_override_fallback_disabled: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimestampOverrideFallbackDisabled + to: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleIntervalTo + version: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleVersion + required: + - name + - description + - risk_score + - severity + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_EqlRuleCreateFields + Security_Solution_Detections_API_ErrorSchema: + additionalProperties: false + type: object + properties: + error: + type: object + properties: + message: + type: string + status_code: + minimum: 400 + type: integer + required: + - status_code + - message + id: + type: string + item_id: + minLength: 1 + type: string + list_id: + minLength: 1 + type: string + rule_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleSignatureId + required: + - error + Security_Solution_Detections_API_EsqlQueryLanguage: + enum: + - esql + type: string + Security_Solution_Detections_API_EsqlRule: + allOf: + - type: object + properties: + actions: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleAction + type: array + alias_purpose: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveAliasPurpose + alias_target_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveAliasTargetId + author: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleAuthorArray + building_block_type: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_BuildingBlockType + description: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleDescription + enabled: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_IsRuleEnabled + exceptions_list: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleExceptionList + type: array + false_positives: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleFalsePositiveArray + from: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleIntervalFrom + interval: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleInterval + investigation_fields: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_InvestigationFields + license: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleLicense + max_signals: + $ref: '#/components/schemas/Security_Solution_Detections_API_MaxSignals' + meta: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleMetadata + name: + $ref: '#/components/schemas/Security_Solution_Detections_API_RuleName' + namespace: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertsIndexNamespace + note: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_InvestigationGuide + outcome: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveOutcome + output_index: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertsIndex + references: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleReferenceArray + related_integrations: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RelatedIntegrationArray + required_fields: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RequiredFieldInput + type: array + risk_score: + $ref: '#/components/schemas/Security_Solution_Detections_API_RiskScore' + risk_score_mapping: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RiskScoreMapping + rule_name_override: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleNameOverride + setup: + $ref: '#/components/schemas/Security_Solution_Detections_API_SetupGuide' + severity: + $ref: '#/components/schemas/Security_Solution_Detections_API_Severity' + severity_mapping: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SeverityMapping + tags: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleTagArray + threat: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_ThreatArray + throttle: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleActionThrottle + timeline_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimelineTemplateId + timeline_title: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimelineTemplateTitle + timestamp_override: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimestampOverride + timestamp_override_fallback_disabled: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimestampOverrideFallbackDisabled + to: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleIntervalTo + version: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleVersion + required: + - name + - description + - risk_score + - severity + - version + - tags + - enabled + - risk_score_mapping + - severity_mapping + - interval + - from + - to + - actions + - exceptions_list + - author + - false_positives + - references + - max_signals + - threat + - setup + - related_integrations + - required_fields + - $ref: '#/components/schemas/Security_Solution_Detections_API_ResponseFields' + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_EsqlRuleResponseFields + Security_Solution_Detections_API_EsqlRuleCreateFields: + allOf: + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_EsqlRuleOptionalFields + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_EsqlRuleRequiredFields + Security_Solution_Detections_API_EsqlRuleCreateProps: + allOf: + - type: object + properties: + actions: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleAction + type: array + alias_purpose: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveAliasPurpose + alias_target_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveAliasTargetId + author: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleAuthorArray + building_block_type: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_BuildingBlockType + description: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleDescription + enabled: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_IsRuleEnabled + exceptions_list: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleExceptionList + type: array + false_positives: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleFalsePositiveArray + from: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleIntervalFrom + interval: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleInterval + investigation_fields: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_InvestigationFields + license: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleLicense + max_signals: + $ref: '#/components/schemas/Security_Solution_Detections_API_MaxSignals' + meta: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleMetadata + name: + $ref: '#/components/schemas/Security_Solution_Detections_API_RuleName' + namespace: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertsIndexNamespace + note: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_InvestigationGuide + outcome: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveOutcome + output_index: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertsIndex + references: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleReferenceArray + related_integrations: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RelatedIntegrationArray + required_fields: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RequiredFieldInput + type: array + risk_score: + $ref: '#/components/schemas/Security_Solution_Detections_API_RiskScore' + risk_score_mapping: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RiskScoreMapping + rule_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleSignatureId + rule_name_override: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleNameOverride + setup: + $ref: '#/components/schemas/Security_Solution_Detections_API_SetupGuide' + severity: + $ref: '#/components/schemas/Security_Solution_Detections_API_Severity' + severity_mapping: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SeverityMapping + tags: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleTagArray + threat: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_ThreatArray + throttle: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleActionThrottle + timeline_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimelineTemplateId + timeline_title: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimelineTemplateTitle + timestamp_override: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimestampOverride + timestamp_override_fallback_disabled: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimestampOverrideFallbackDisabled + to: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleIntervalTo + version: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleVersion + required: + - name + - description + - risk_score + - severity + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_EsqlRuleCreateFields + Security_Solution_Detections_API_EsqlRuleOptionalFields: + type: object + properties: + alert_suppression: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertSuppression + response_actions: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_ResponseAction + type: array + Security_Solution_Detections_API_EsqlRulePatchProps: + allOf: + - type: object + properties: + actions: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleAction + type: array + alias_purpose: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveAliasPurpose + alias_target_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveAliasTargetId + author: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleAuthorArray + building_block_type: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_BuildingBlockType + description: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleDescription + enabled: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_IsRuleEnabled + exceptions_list: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleExceptionList + type: array + false_positives: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleFalsePositiveArray + from: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleIntervalFrom + id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleObjectId + interval: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleInterval + investigation_fields: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_InvestigationFields + language: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_EsqlQueryLanguage + license: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleLicense + max_signals: + $ref: '#/components/schemas/Security_Solution_Detections_API_MaxSignals' + meta: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleMetadata + name: + $ref: '#/components/schemas/Security_Solution_Detections_API_RuleName' + namespace: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertsIndexNamespace + note: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_InvestigationGuide + outcome: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveOutcome + output_index: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertsIndex + query: + $ref: '#/components/schemas/Security_Solution_Detections_API_RuleQuery' + description: ESQL query to execute + references: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleReferenceArray + related_integrations: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RelatedIntegrationArray + required_fields: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RequiredFieldInput + type: array + risk_score: + $ref: '#/components/schemas/Security_Solution_Detections_API_RiskScore' + risk_score_mapping: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RiskScoreMapping + rule_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleSignatureId + rule_name_override: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleNameOverride + setup: + $ref: '#/components/schemas/Security_Solution_Detections_API_SetupGuide' + severity: + $ref: '#/components/schemas/Security_Solution_Detections_API_Severity' + severity_mapping: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SeverityMapping + tags: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleTagArray + threat: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_ThreatArray + throttle: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleActionThrottle + timeline_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimelineTemplateId + timeline_title: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimelineTemplateTitle + timestamp_override: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimestampOverride + timestamp_override_fallback_disabled: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimestampOverrideFallbackDisabled + to: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleIntervalTo + type: + description: Rule type + enum: + - esql + type: string + version: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleVersion + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_EsqlRuleOptionalFields + Security_Solution_Detections_API_EsqlRuleRequiredFields: + type: object + properties: + language: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_EsqlQueryLanguage + query: + $ref: '#/components/schemas/Security_Solution_Detections_API_RuleQuery' + description: ESQL query to execute + type: + description: Rule type + enum: + - esql + type: string + required: + - type + - language + - query + Security_Solution_Detections_API_EsqlRuleResponseFields: + allOf: + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_EsqlRuleOptionalFields + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_EsqlRuleRequiredFields + Security_Solution_Detections_API_EsqlRuleUpdateProps: + allOf: + - type: object + properties: + actions: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleAction + type: array + alias_purpose: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveAliasPurpose + alias_target_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveAliasTargetId + author: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleAuthorArray + building_block_type: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_BuildingBlockType + description: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleDescription + enabled: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_IsRuleEnabled + exceptions_list: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleExceptionList + type: array + false_positives: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleFalsePositiveArray + from: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleIntervalFrom + id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleObjectId + interval: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleInterval + investigation_fields: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_InvestigationFields + license: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleLicense + max_signals: + $ref: '#/components/schemas/Security_Solution_Detections_API_MaxSignals' + meta: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleMetadata + name: + $ref: '#/components/schemas/Security_Solution_Detections_API_RuleName' + namespace: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertsIndexNamespace + note: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_InvestigationGuide + outcome: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveOutcome + output_index: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertsIndex + references: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleReferenceArray + related_integrations: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RelatedIntegrationArray + required_fields: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RequiredFieldInput + type: array + risk_score: + $ref: '#/components/schemas/Security_Solution_Detections_API_RiskScore' + risk_score_mapping: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RiskScoreMapping + rule_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleSignatureId + rule_name_override: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleNameOverride + setup: + $ref: '#/components/schemas/Security_Solution_Detections_API_SetupGuide' + severity: + $ref: '#/components/schemas/Security_Solution_Detections_API_Severity' + severity_mapping: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SeverityMapping + tags: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleTagArray + threat: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_ThreatArray + throttle: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleActionThrottle + timeline_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimelineTemplateId + timeline_title: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimelineTemplateTitle + timestamp_override: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimestampOverride + timestamp_override_fallback_disabled: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimestampOverrideFallbackDisabled + to: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleIntervalTo + version: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleVersion + required: + - name + - description + - risk_score + - severity + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_EsqlRuleCreateFields + Security_Solution_Detections_API_EventCategoryOverride: + type: string + Security_Solution_Detections_API_ExceptionListType: + description: The exception type + enum: + - detection + - rule_default + - endpoint + - endpoint_trusted_apps + - endpoint_events + - endpoint_host_isolation_exceptions + - endpoint_blocklists + type: string + Security_Solution_Detections_API_ExternalRuleSource: + description: >- + Type of rule source for externally sourced rules, i.e. rules that have + an external source, such as the Elastic Prebuilt rules repo. + type: object + properties: + is_customized: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_IsExternalRuleCustomized + type: + enum: + - external + type: string + required: + - type + - is_customized + Security_Solution_Detections_API_FindRulesSortField: + enum: + - created_at + - createdAt + - enabled + - execution_summary.last_execution.date + - execution_summary.last_execution.metrics.execution_gap_duration_s + - execution_summary.last_execution.metrics.total_indexing_duration_ms + - execution_summary.last_execution.metrics.total_search_duration_ms + - execution_summary.last_execution.status + - name + - risk_score + - riskScore + - severity + - updated_at + - updatedAt + type: string + Security_Solution_Detections_API_HistoryWindowStart: + $ref: '#/components/schemas/Security_Solution_Detections_API_NonEmptyString' + Security_Solution_Detections_API_IndexMigrationStatus: + type: object + properties: + index: + $ref: '#/components/schemas/Security_Solution_Detections_API_NonEmptyString' + is_outdated: + type: boolean + migrations: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_MigrationStatus + type: array + signal_versions: + items: + $ref: '#/components/schemas/Security_Solution_Detections_API_AlertVersion' + type: array + version: + type: integer + required: + - index + - version + - signal_versions + - migrations + - is_outdated + Security_Solution_Detections_API_IndexPatternArray: + items: + type: string + type: array + Security_Solution_Detections_API_InternalRuleSource: + description: >- + Type of rule source for internally sourced rules, i.e. created within + the Kibana apps. + type: object + properties: + type: + enum: + - internal + type: string + required: + - type + Security_Solution_Detections_API_InvestigationFields: + description: > + Schema for fields relating to investigation fields. These are user + defined fields we use to highlight + + in various features in the UI such as alert details flyout and + exceptions auto-population from alert. + + Added in PR #163235 + + Right now we only have a single field but anticipate adding more related + fields to store various + + configuration states such as `override` - where a user might say if they + want only these fields to + + display, or if they want these fields + the fields we select. When + expanding this field, it may look + + something like: + + ```typescript + + const investigationFields = z.object({ + field_names: NonEmptyArray(NonEmptyString), + override: z.boolean().optional(), + }); + + ``` + type: object + properties: + field_names: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_NonEmptyString + minItems: 1 + type: array + required: + - field_names + Security_Solution_Detections_API_InvestigationGuide: + description: Notes to help investigate alerts produced by the rule. + type: string + Security_Solution_Detections_API_IsExternalRuleCustomized: + description: >- + Determines whether an external/prebuilt rule has been customized by the + user (i.e. any of its fields have been modified and diverged from the + base value). + type: boolean + Security_Solution_Detections_API_IsRuleEnabled: + description: Determines whether the rule is enabled. + type: boolean + Security_Solution_Detections_API_IsRuleImmutable: + deprecated: true + description: >- + This field determines whether the rule is a prebuilt Elastic rule. It + will be replaced with the `rule_source` field. + type: boolean + Security_Solution_Detections_API_ItemsPerSearch: + minimum: 1 + type: integer + Security_Solution_Detections_API_KqlQueryLanguage: + enum: + - kuery + - lucene + type: string + Security_Solution_Detections_API_MachineLearningJobId: + description: Machine learning job ID + oneOf: + - type: string + - items: + type: string + minItems: 1 + type: array + Security_Solution_Detections_API_MachineLearningRule: + allOf: + - type: object + properties: + actions: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleAction + type: array + alias_purpose: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveAliasPurpose + alias_target_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveAliasTargetId + author: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleAuthorArray + building_block_type: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_BuildingBlockType + description: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleDescription + enabled: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_IsRuleEnabled + exceptions_list: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleExceptionList + type: array + false_positives: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleFalsePositiveArray + from: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleIntervalFrom + interval: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleInterval + investigation_fields: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_InvestigationFields + license: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleLicense + max_signals: + $ref: '#/components/schemas/Security_Solution_Detections_API_MaxSignals' + meta: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleMetadata + name: + $ref: '#/components/schemas/Security_Solution_Detections_API_RuleName' + namespace: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertsIndexNamespace + note: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_InvestigationGuide + outcome: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveOutcome + output_index: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertsIndex + references: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleReferenceArray + related_integrations: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RelatedIntegrationArray + required_fields: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RequiredFieldInput + type: array + risk_score: + $ref: '#/components/schemas/Security_Solution_Detections_API_RiskScore' + risk_score_mapping: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RiskScoreMapping + rule_name_override: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleNameOverride + setup: + $ref: '#/components/schemas/Security_Solution_Detections_API_SetupGuide' + severity: + $ref: '#/components/schemas/Security_Solution_Detections_API_Severity' + severity_mapping: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SeverityMapping + tags: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleTagArray + threat: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_ThreatArray + throttle: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleActionThrottle + timeline_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimelineTemplateId + timeline_title: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimelineTemplateTitle + timestamp_override: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimestampOverride + timestamp_override_fallback_disabled: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimestampOverrideFallbackDisabled + to: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleIntervalTo + version: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleVersion + required: + - name + - description + - risk_score + - severity + - version + - tags + - enabled + - risk_score_mapping + - severity_mapping + - interval + - from + - to + - actions + - exceptions_list + - author + - false_positives + - references + - max_signals + - threat + - setup + - related_integrations + - required_fields + - $ref: '#/components/schemas/Security_Solution_Detections_API_ResponseFields' + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_MachineLearningRuleResponseFields + Security_Solution_Detections_API_MachineLearningRuleCreateFields: + allOf: + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_MachineLearningRuleRequiredFields + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_MachineLearningRuleOptionalFields + Security_Solution_Detections_API_MachineLearningRuleCreateProps: + allOf: + - type: object + properties: + actions: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleAction + type: array + alias_purpose: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveAliasPurpose + alias_target_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveAliasTargetId + author: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleAuthorArray + building_block_type: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_BuildingBlockType + description: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleDescription + enabled: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_IsRuleEnabled + exceptions_list: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleExceptionList + type: array + false_positives: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleFalsePositiveArray + from: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleIntervalFrom + interval: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleInterval + investigation_fields: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_InvestigationFields + license: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleLicense + max_signals: + $ref: '#/components/schemas/Security_Solution_Detections_API_MaxSignals' + meta: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleMetadata + name: + $ref: '#/components/schemas/Security_Solution_Detections_API_RuleName' + namespace: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertsIndexNamespace + note: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_InvestigationGuide + outcome: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveOutcome + output_index: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertsIndex + references: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleReferenceArray + related_integrations: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RelatedIntegrationArray + required_fields: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RequiredFieldInput + type: array + risk_score: + $ref: '#/components/schemas/Security_Solution_Detections_API_RiskScore' + risk_score_mapping: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RiskScoreMapping + rule_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleSignatureId + rule_name_override: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleNameOverride + setup: + $ref: '#/components/schemas/Security_Solution_Detections_API_SetupGuide' + severity: + $ref: '#/components/schemas/Security_Solution_Detections_API_Severity' + severity_mapping: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SeverityMapping + tags: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleTagArray + threat: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_ThreatArray + throttle: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleActionThrottle + timeline_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimelineTemplateId + timeline_title: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimelineTemplateTitle + timestamp_override: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimestampOverride + timestamp_override_fallback_disabled: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimestampOverrideFallbackDisabled + to: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleIntervalTo + version: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleVersion + required: + - name + - description + - risk_score + - severity + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_MachineLearningRuleCreateFields + Security_Solution_Detections_API_MachineLearningRuleOptionalFields: + type: object + properties: + alert_suppression: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertSuppression + Security_Solution_Detections_API_MachineLearningRulePatchFields: + allOf: + - type: object + properties: + anomaly_threshold: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AnomalyThreshold + machine_learning_job_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_MachineLearningJobId + type: + description: Rule type + enum: + - machine_learning + type: string + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_MachineLearningRuleOptionalFields + Security_Solution_Detections_API_MachineLearningRulePatchProps: + allOf: + - type: object + properties: + actions: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleAction + type: array + alias_purpose: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveAliasPurpose + alias_target_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveAliasTargetId + author: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleAuthorArray + building_block_type: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_BuildingBlockType + description: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleDescription + enabled: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_IsRuleEnabled + exceptions_list: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleExceptionList + type: array + false_positives: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleFalsePositiveArray + from: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleIntervalFrom + id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleObjectId + interval: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleInterval + investigation_fields: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_InvestigationFields + license: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleLicense + max_signals: + $ref: '#/components/schemas/Security_Solution_Detections_API_MaxSignals' + meta: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleMetadata + name: + $ref: '#/components/schemas/Security_Solution_Detections_API_RuleName' + namespace: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertsIndexNamespace + note: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_InvestigationGuide + outcome: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveOutcome + output_index: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertsIndex + references: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleReferenceArray + related_integrations: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RelatedIntegrationArray + required_fields: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RequiredFieldInput + type: array + risk_score: + $ref: '#/components/schemas/Security_Solution_Detections_API_RiskScore' + risk_score_mapping: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RiskScoreMapping + rule_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleSignatureId + rule_name_override: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleNameOverride + setup: + $ref: '#/components/schemas/Security_Solution_Detections_API_SetupGuide' + severity: + $ref: '#/components/schemas/Security_Solution_Detections_API_Severity' + severity_mapping: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SeverityMapping + tags: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleTagArray + threat: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_ThreatArray + throttle: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleActionThrottle + timeline_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimelineTemplateId + timeline_title: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimelineTemplateTitle + timestamp_override: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimestampOverride + timestamp_override_fallback_disabled: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimestampOverrideFallbackDisabled + to: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleIntervalTo + version: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleVersion + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_MachineLearningRulePatchFields + Security_Solution_Detections_API_MachineLearningRuleRequiredFields: + type: object + properties: + anomaly_threshold: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AnomalyThreshold + machine_learning_job_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_MachineLearningJobId + type: + description: Rule type + enum: + - machine_learning + type: string + required: + - type + - machine_learning_job_id + - anomaly_threshold + Security_Solution_Detections_API_MachineLearningRuleResponseFields: + allOf: + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_MachineLearningRuleRequiredFields + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_MachineLearningRuleOptionalFields + Security_Solution_Detections_API_MachineLearningRuleUpdateProps: + allOf: + - type: object + properties: + actions: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleAction + type: array + alias_purpose: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveAliasPurpose + alias_target_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveAliasTargetId + author: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleAuthorArray + building_block_type: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_BuildingBlockType + description: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleDescription + enabled: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_IsRuleEnabled + exceptions_list: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleExceptionList + type: array + false_positives: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleFalsePositiveArray + from: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleIntervalFrom + id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleObjectId + interval: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleInterval + investigation_fields: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_InvestigationFields + license: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleLicense + max_signals: + $ref: '#/components/schemas/Security_Solution_Detections_API_MaxSignals' + meta: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleMetadata + name: + $ref: '#/components/schemas/Security_Solution_Detections_API_RuleName' + namespace: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertsIndexNamespace + note: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_InvestigationGuide + outcome: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveOutcome + output_index: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertsIndex + references: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleReferenceArray + related_integrations: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RelatedIntegrationArray + required_fields: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RequiredFieldInput + type: array + risk_score: + $ref: '#/components/schemas/Security_Solution_Detections_API_RiskScore' + risk_score_mapping: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RiskScoreMapping + rule_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleSignatureId + rule_name_override: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleNameOverride + setup: + $ref: '#/components/schemas/Security_Solution_Detections_API_SetupGuide' + severity: + $ref: '#/components/schemas/Security_Solution_Detections_API_Severity' + severity_mapping: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SeverityMapping + tags: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleTagArray + threat: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_ThreatArray + throttle: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleActionThrottle + timeline_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimelineTemplateId + timeline_title: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimelineTemplateTitle + timestamp_override: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimestampOverride + timestamp_override_fallback_disabled: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimestampOverrideFallbackDisabled + to: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleIntervalTo + version: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleVersion + required: + - name + - description + - risk_score + - severity + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_MachineLearningRuleCreateFields + Security_Solution_Detections_API_MaxSignals: + minimum: 1 + type: integer + Security_Solution_Detections_API_MigrationCleanupResult: + type: object + properties: + destinationIndex: + type: string + error: + type: object + properties: + message: + type: string + status_code: + type: integer + required: + - message + - status_code + id: + type: string + sourceIndex: + type: string + status: + enum: + - success + - failure + - pending + type: string + updated: + format: date-time + type: string + version: + type: string + required: + - id + - destinationIndex + - status + - sourceIndex + - version + - updated + Security_Solution_Detections_API_MigrationFinalizationResult: + type: object + properties: + completed: + type: boolean + destinationIndex: + type: string + error: + type: object + properties: + message: + type: string + status_code: + type: integer + required: + - message + - status_code + id: + type: string + sourceIndex: + type: string + status: + enum: + - success + - failure + - pending + type: string + updated: + format: date-time + type: string + version: + type: string + required: + - id + - completed + - destinationIndex + - status + - sourceIndex + - version + - updated + Security_Solution_Detections_API_MigrationStatus: + type: object + properties: + id: + $ref: '#/components/schemas/Security_Solution_Detections_API_NonEmptyString' + status: + enum: + - success + - failure + - pending + type: string + updated: + format: date-time + type: string + version: + type: integer + required: + - id + - status + - version + - updated + Security_Solution_Detections_API_NewTermsFields: + items: + type: string + maxItems: 3 + minItems: 1 + type: array + Security_Solution_Detections_API_NewTermsRule: + allOf: + - type: object + properties: + actions: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleAction + type: array + alias_purpose: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveAliasPurpose + alias_target_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveAliasTargetId + author: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleAuthorArray + building_block_type: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_BuildingBlockType + description: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleDescription + enabled: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_IsRuleEnabled + exceptions_list: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleExceptionList + type: array + false_positives: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleFalsePositiveArray + from: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleIntervalFrom + interval: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleInterval + investigation_fields: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_InvestigationFields + license: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleLicense + max_signals: + $ref: '#/components/schemas/Security_Solution_Detections_API_MaxSignals' + meta: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleMetadata + name: + $ref: '#/components/schemas/Security_Solution_Detections_API_RuleName' + namespace: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertsIndexNamespace + note: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_InvestigationGuide + outcome: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveOutcome + output_index: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertsIndex + references: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleReferenceArray + related_integrations: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RelatedIntegrationArray + required_fields: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RequiredFieldInput + type: array + risk_score: + $ref: '#/components/schemas/Security_Solution_Detections_API_RiskScore' + risk_score_mapping: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RiskScoreMapping + rule_name_override: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleNameOverride + setup: + $ref: '#/components/schemas/Security_Solution_Detections_API_SetupGuide' + severity: + $ref: '#/components/schemas/Security_Solution_Detections_API_Severity' + severity_mapping: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SeverityMapping + tags: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleTagArray + threat: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_ThreatArray + throttle: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleActionThrottle + timeline_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimelineTemplateId + timeline_title: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimelineTemplateTitle + timestamp_override: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimestampOverride + timestamp_override_fallback_disabled: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimestampOverrideFallbackDisabled + to: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleIntervalTo + version: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleVersion + required: + - name + - description + - risk_score + - severity + - version + - tags + - enabled + - risk_score_mapping + - severity_mapping + - interval + - from + - to + - actions + - exceptions_list + - author + - false_positives + - references + - max_signals + - threat + - setup + - related_integrations + - required_fields + - $ref: '#/components/schemas/Security_Solution_Detections_API_ResponseFields' + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_NewTermsRuleResponseFields + Security_Solution_Detections_API_NewTermsRuleCreateFields: + allOf: + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_NewTermsRuleRequiredFields + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_NewTermsRuleOptionalFields + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_NewTermsRuleDefaultableFields + Security_Solution_Detections_API_NewTermsRuleCreateProps: + allOf: + - type: object + properties: + actions: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleAction + type: array + alias_purpose: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveAliasPurpose + alias_target_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveAliasTargetId + author: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleAuthorArray + building_block_type: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_BuildingBlockType + description: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleDescription + enabled: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_IsRuleEnabled + exceptions_list: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleExceptionList + type: array + false_positives: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleFalsePositiveArray + from: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleIntervalFrom + interval: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleInterval + investigation_fields: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_InvestigationFields + license: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleLicense + max_signals: + $ref: '#/components/schemas/Security_Solution_Detections_API_MaxSignals' + meta: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleMetadata + name: + $ref: '#/components/schemas/Security_Solution_Detections_API_RuleName' + namespace: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertsIndexNamespace + note: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_InvestigationGuide + outcome: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveOutcome + output_index: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertsIndex + references: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleReferenceArray + related_integrations: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RelatedIntegrationArray + required_fields: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RequiredFieldInput + type: array + risk_score: + $ref: '#/components/schemas/Security_Solution_Detections_API_RiskScore' + risk_score_mapping: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RiskScoreMapping + rule_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleSignatureId + rule_name_override: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleNameOverride + setup: + $ref: '#/components/schemas/Security_Solution_Detections_API_SetupGuide' + severity: + $ref: '#/components/schemas/Security_Solution_Detections_API_Severity' + severity_mapping: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SeverityMapping + tags: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleTagArray + threat: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_ThreatArray + throttle: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleActionThrottle + timeline_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimelineTemplateId + timeline_title: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimelineTemplateTitle + timestamp_override: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimestampOverride + timestamp_override_fallback_disabled: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimestampOverrideFallbackDisabled + to: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleIntervalTo + version: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleVersion + required: + - name + - description + - risk_score + - severity + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_NewTermsRuleCreateFields + Security_Solution_Detections_API_NewTermsRuleDefaultableFields: + type: object + properties: + language: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_KqlQueryLanguage + Security_Solution_Detections_API_NewTermsRuleOptionalFields: + type: object + properties: + alert_suppression: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertSuppression + data_view_id: + $ref: '#/components/schemas/Security_Solution_Detections_API_DataViewId' + filters: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleFilterArray + index: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_IndexPatternArray + response_actions: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_ResponseAction + type: array + Security_Solution_Detections_API_NewTermsRulePatchFields: + allOf: + - type: object + properties: + history_window_start: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_HistoryWindowStart + new_terms_fields: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_NewTermsFields + query: + $ref: '#/components/schemas/Security_Solution_Detections_API_RuleQuery' + type: + description: Rule type + enum: + - new_terms + type: string + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_NewTermsRuleOptionalFields + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_NewTermsRuleDefaultableFields + Security_Solution_Detections_API_NewTermsRulePatchProps: + allOf: + - type: object + properties: + actions: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleAction + type: array + alias_purpose: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveAliasPurpose + alias_target_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveAliasTargetId + author: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleAuthorArray + building_block_type: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_BuildingBlockType + description: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleDescription + enabled: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_IsRuleEnabled + exceptions_list: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleExceptionList + type: array + false_positives: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleFalsePositiveArray + from: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleIntervalFrom + id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleObjectId + interval: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleInterval + investigation_fields: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_InvestigationFields + license: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleLicense + max_signals: + $ref: '#/components/schemas/Security_Solution_Detections_API_MaxSignals' + meta: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleMetadata + name: + $ref: '#/components/schemas/Security_Solution_Detections_API_RuleName' + namespace: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertsIndexNamespace + note: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_InvestigationGuide + outcome: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveOutcome + output_index: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertsIndex + references: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleReferenceArray + related_integrations: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RelatedIntegrationArray + required_fields: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RequiredFieldInput + type: array + risk_score: + $ref: '#/components/schemas/Security_Solution_Detections_API_RiskScore' + risk_score_mapping: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RiskScoreMapping + rule_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleSignatureId + rule_name_override: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleNameOverride + setup: + $ref: '#/components/schemas/Security_Solution_Detections_API_SetupGuide' + severity: + $ref: '#/components/schemas/Security_Solution_Detections_API_Severity' + severity_mapping: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SeverityMapping + tags: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleTagArray + threat: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_ThreatArray + throttle: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleActionThrottle + timeline_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimelineTemplateId + timeline_title: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimelineTemplateTitle + timestamp_override: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimestampOverride + timestamp_override_fallback_disabled: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimestampOverrideFallbackDisabled + to: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleIntervalTo + version: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleVersion + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_NewTermsRulePatchFields + Security_Solution_Detections_API_NewTermsRuleRequiredFields: + type: object + properties: + history_window_start: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_HistoryWindowStart + new_terms_fields: + $ref: '#/components/schemas/Security_Solution_Detections_API_NewTermsFields' + query: + $ref: '#/components/schemas/Security_Solution_Detections_API_RuleQuery' + type: + description: Rule type + enum: + - new_terms + type: string + required: + - type + - query + - new_terms_fields + - history_window_start + Security_Solution_Detections_API_NewTermsRuleResponseFields: + allOf: + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_NewTermsRuleRequiredFields + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_NewTermsRuleOptionalFields + - type: object + properties: + language: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_KqlQueryLanguage + required: + - language + Security_Solution_Detections_API_NewTermsRuleUpdateProps: + allOf: + - type: object + properties: + actions: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleAction + type: array + alias_purpose: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveAliasPurpose + alias_target_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveAliasTargetId + author: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleAuthorArray + building_block_type: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_BuildingBlockType + description: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleDescription + enabled: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_IsRuleEnabled + exceptions_list: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleExceptionList + type: array + false_positives: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleFalsePositiveArray + from: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleIntervalFrom + id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleObjectId + interval: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleInterval + investigation_fields: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_InvestigationFields + license: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleLicense + max_signals: + $ref: '#/components/schemas/Security_Solution_Detections_API_MaxSignals' + meta: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleMetadata + name: + $ref: '#/components/schemas/Security_Solution_Detections_API_RuleName' + namespace: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertsIndexNamespace + note: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_InvestigationGuide + outcome: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveOutcome + output_index: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertsIndex + references: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleReferenceArray + related_integrations: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RelatedIntegrationArray + required_fields: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RequiredFieldInput + type: array + risk_score: + $ref: '#/components/schemas/Security_Solution_Detections_API_RiskScore' + risk_score_mapping: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RiskScoreMapping + rule_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleSignatureId + rule_name_override: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleNameOverride + setup: + $ref: '#/components/schemas/Security_Solution_Detections_API_SetupGuide' + severity: + $ref: '#/components/schemas/Security_Solution_Detections_API_Severity' + severity_mapping: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SeverityMapping + tags: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleTagArray + threat: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_ThreatArray + throttle: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleActionThrottle + timeline_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimelineTemplateId + timeline_title: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimelineTemplateTitle + timestamp_override: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimestampOverride + timestamp_override_fallback_disabled: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimestampOverrideFallbackDisabled + to: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleIntervalTo + version: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleVersion + required: + - name + - description + - risk_score + - severity + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_NewTermsRuleCreateFields + Security_Solution_Detections_API_NonEmptyString: + description: A string that is not empty and does not contain only whitespace + minLength: 1 + pattern: ^(?! *$).+$ + type: string + Security_Solution_Detections_API_NormalizedRuleAction: + additionalProperties: false + type: object + properties: + alerts_filter: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleActionAlertsFilter + frequency: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleActionFrequency + group: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleActionGroup + id: + $ref: '#/components/schemas/Security_Solution_Detections_API_RuleActionId' + params: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleActionParams + required: + - id + - params + Security_Solution_Detections_API_NormalizedRuleError: + type: object + properties: + err_code: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_BulkActionsDryRunErrCode + message: + type: string + rules: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleDetailsInError + type: array + status_code: + type: integer + required: + - message + - status_code + - rules + Security_Solution_Detections_API_OsqueryParams: + type: object + properties: + ecs_mapping: + $ref: '#/components/schemas/Security_Solution_Detections_API_EcsMapping' + pack_id: + type: string + queries: + items: + $ref: '#/components/schemas/Security_Solution_Detections_API_OsqueryQuery' + type: array + query: + type: string + saved_query_id: + type: string + timeout: + type: number + Security_Solution_Detections_API_OsqueryQuery: + type: object + properties: + ecs_mapping: + $ref: '#/components/schemas/Security_Solution_Detections_API_EcsMapping' + id: + description: Query ID + type: string + platform: + type: string + query: + description: Query to run + type: string + removed: + type: boolean + snapshot: + type: boolean + version: + description: Query version + type: string + required: + - id + - query + Security_Solution_Detections_API_OsqueryResponseAction: + type: object + properties: + action_type_id: + enum: + - .osquery + type: string + params: + $ref: '#/components/schemas/Security_Solution_Detections_API_OsqueryParams' + required: + - action_type_id + - params + Security_Solution_Detections_API_PlatformErrorResponse: + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: integer + required: + - statusCode + - error + - message + Security_Solution_Detections_API_ProcessesParams: + type: object + properties: + command: + enum: + - kill-process + - suspend-process + type: string + comment: + type: string + config: + type: object + properties: + field: + description: Field to use instead of process.pid + type: string + overwrite: + default: true + description: Whether to overwrite field with process.pid + type: boolean + required: + - field + required: + - command + - config + Security_Solution_Detections_API_QueryRule: + allOf: + - type: object + properties: + actions: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleAction + type: array + alias_purpose: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveAliasPurpose + alias_target_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveAliasTargetId + author: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleAuthorArray + building_block_type: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_BuildingBlockType + description: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleDescription + enabled: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_IsRuleEnabled + exceptions_list: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleExceptionList + type: array + false_positives: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleFalsePositiveArray + from: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleIntervalFrom + interval: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleInterval + investigation_fields: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_InvestigationFields + license: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleLicense + max_signals: + $ref: '#/components/schemas/Security_Solution_Detections_API_MaxSignals' + meta: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleMetadata + name: + $ref: '#/components/schemas/Security_Solution_Detections_API_RuleName' + namespace: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertsIndexNamespace + note: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_InvestigationGuide + outcome: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveOutcome + output_index: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertsIndex + references: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleReferenceArray + related_integrations: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RelatedIntegrationArray + required_fields: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RequiredFieldInput + type: array + risk_score: + $ref: '#/components/schemas/Security_Solution_Detections_API_RiskScore' + risk_score_mapping: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RiskScoreMapping + rule_name_override: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleNameOverride + setup: + $ref: '#/components/schemas/Security_Solution_Detections_API_SetupGuide' + severity: + $ref: '#/components/schemas/Security_Solution_Detections_API_Severity' + severity_mapping: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SeverityMapping + tags: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleTagArray + threat: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_ThreatArray + throttle: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleActionThrottle + timeline_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimelineTemplateId + timeline_title: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimelineTemplateTitle + timestamp_override: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimestampOverride + timestamp_override_fallback_disabled: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimestampOverrideFallbackDisabled + to: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleIntervalTo + version: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleVersion + required: + - name + - description + - risk_score + - severity + - version + - tags + - enabled + - risk_score_mapping + - severity_mapping + - interval + - from + - to + - actions + - exceptions_list + - author + - false_positives + - references + - max_signals + - threat + - setup + - related_integrations + - required_fields + - $ref: '#/components/schemas/Security_Solution_Detections_API_ResponseFields' + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_QueryRuleResponseFields + Security_Solution_Detections_API_QueryRuleCreateFields: + allOf: + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_QueryRuleRequiredFields + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_QueryRuleOptionalFields + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_QueryRuleDefaultableFields + Security_Solution_Detections_API_QueryRuleCreateProps: + allOf: + - type: object + properties: + actions: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleAction + type: array + alias_purpose: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveAliasPurpose + alias_target_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveAliasTargetId + author: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleAuthorArray + building_block_type: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_BuildingBlockType + description: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleDescription + enabled: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_IsRuleEnabled + exceptions_list: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleExceptionList + type: array + false_positives: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleFalsePositiveArray + from: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleIntervalFrom + interval: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleInterval + investigation_fields: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_InvestigationFields + license: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleLicense + max_signals: + $ref: '#/components/schemas/Security_Solution_Detections_API_MaxSignals' + meta: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleMetadata + name: + $ref: '#/components/schemas/Security_Solution_Detections_API_RuleName' + namespace: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertsIndexNamespace + note: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_InvestigationGuide + outcome: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveOutcome + output_index: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertsIndex + references: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleReferenceArray + related_integrations: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RelatedIntegrationArray + required_fields: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RequiredFieldInput + type: array + risk_score: + $ref: '#/components/schemas/Security_Solution_Detections_API_RiskScore' + risk_score_mapping: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RiskScoreMapping + rule_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleSignatureId + rule_name_override: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleNameOverride + setup: + $ref: '#/components/schemas/Security_Solution_Detections_API_SetupGuide' + severity: + $ref: '#/components/schemas/Security_Solution_Detections_API_Severity' + severity_mapping: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SeverityMapping + tags: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleTagArray + threat: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_ThreatArray + throttle: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleActionThrottle + timeline_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimelineTemplateId + timeline_title: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimelineTemplateTitle + timestamp_override: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimestampOverride + timestamp_override_fallback_disabled: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimestampOverrideFallbackDisabled + to: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleIntervalTo + version: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleVersion + required: + - name + - description + - risk_score + - severity + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_QueryRuleCreateFields + Security_Solution_Detections_API_QueryRuleDefaultableFields: + type: object + properties: + language: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_KqlQueryLanguage + query: + $ref: '#/components/schemas/Security_Solution_Detections_API_RuleQuery' + Security_Solution_Detections_API_QueryRuleOptionalFields: + type: object + properties: + alert_suppression: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertSuppression + data_view_id: + $ref: '#/components/schemas/Security_Solution_Detections_API_DataViewId' + filters: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleFilterArray + index: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_IndexPatternArray + response_actions: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_ResponseAction + type: array + saved_id: + $ref: '#/components/schemas/Security_Solution_Detections_API_SavedQueryId' + Security_Solution_Detections_API_QueryRulePatchFields: + allOf: + - type: object + properties: + type: + description: Rule type + enum: + - query + type: string + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_QueryRuleOptionalFields + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_QueryRuleDefaultableFields + Security_Solution_Detections_API_QueryRulePatchProps: + allOf: + - type: object + properties: + actions: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleAction + type: array + alias_purpose: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveAliasPurpose + alias_target_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveAliasTargetId + author: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleAuthorArray + building_block_type: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_BuildingBlockType + description: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleDescription + enabled: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_IsRuleEnabled + exceptions_list: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleExceptionList + type: array + false_positives: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleFalsePositiveArray + from: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleIntervalFrom + id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleObjectId + interval: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleInterval + investigation_fields: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_InvestigationFields + license: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleLicense + max_signals: + $ref: '#/components/schemas/Security_Solution_Detections_API_MaxSignals' + meta: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleMetadata + name: + $ref: '#/components/schemas/Security_Solution_Detections_API_RuleName' + namespace: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertsIndexNamespace + note: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_InvestigationGuide + outcome: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveOutcome + output_index: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertsIndex + references: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleReferenceArray + related_integrations: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RelatedIntegrationArray + required_fields: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RequiredFieldInput + type: array + risk_score: + $ref: '#/components/schemas/Security_Solution_Detections_API_RiskScore' + risk_score_mapping: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RiskScoreMapping + rule_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleSignatureId + rule_name_override: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleNameOverride + setup: + $ref: '#/components/schemas/Security_Solution_Detections_API_SetupGuide' + severity: + $ref: '#/components/schemas/Security_Solution_Detections_API_Severity' + severity_mapping: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SeverityMapping + tags: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleTagArray + threat: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_ThreatArray + throttle: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleActionThrottle + timeline_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimelineTemplateId + timeline_title: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimelineTemplateTitle + timestamp_override: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimestampOverride + timestamp_override_fallback_disabled: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimestampOverrideFallbackDisabled + to: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleIntervalTo + version: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleVersion + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_QueryRulePatchFields + Security_Solution_Detections_API_QueryRuleRequiredFields: + type: object + properties: + type: + description: Rule type + enum: + - query + type: string + required: + - type + Security_Solution_Detections_API_QueryRuleResponseFields: + allOf: + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_QueryRuleRequiredFields + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_QueryRuleOptionalFields + - type: object + properties: + language: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_KqlQueryLanguage + query: + $ref: '#/components/schemas/Security_Solution_Detections_API_RuleQuery' + required: + - query + - language + Security_Solution_Detections_API_QueryRuleUpdateProps: + allOf: + - type: object + properties: + actions: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleAction + type: array + alias_purpose: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveAliasPurpose + alias_target_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveAliasTargetId + author: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleAuthorArray + building_block_type: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_BuildingBlockType + description: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleDescription + enabled: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_IsRuleEnabled + exceptions_list: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleExceptionList + type: array + false_positives: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleFalsePositiveArray + from: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleIntervalFrom + id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleObjectId + interval: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleInterval + investigation_fields: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_InvestigationFields + license: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleLicense + max_signals: + $ref: '#/components/schemas/Security_Solution_Detections_API_MaxSignals' + meta: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleMetadata + name: + $ref: '#/components/schemas/Security_Solution_Detections_API_RuleName' + namespace: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertsIndexNamespace + note: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_InvestigationGuide + outcome: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveOutcome + output_index: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertsIndex + references: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleReferenceArray + related_integrations: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RelatedIntegrationArray + required_fields: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RequiredFieldInput + type: array + risk_score: + $ref: '#/components/schemas/Security_Solution_Detections_API_RiskScore' + risk_score_mapping: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RiskScoreMapping + rule_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleSignatureId + rule_name_override: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleNameOverride + setup: + $ref: '#/components/schemas/Security_Solution_Detections_API_SetupGuide' + severity: + $ref: '#/components/schemas/Security_Solution_Detections_API_Severity' + severity_mapping: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SeverityMapping + tags: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleTagArray + threat: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_ThreatArray + throttle: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleActionThrottle + timeline_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimelineTemplateId + timeline_title: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimelineTemplateTitle + timestamp_override: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimestampOverride + timestamp_override_fallback_disabled: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimestampOverrideFallbackDisabled + to: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleIntervalTo + version: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleVersion + required: + - name + - description + - risk_score + - severity + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_QueryRuleCreateFields + Security_Solution_Detections_API_RelatedIntegration: + description: > + Related integration is a potential dependency of a rule. It's assumed + that if the user installs + + one of the related integrations of a rule, the rule might start to work + properly because it will + + have source events (generated by this integration) potentially matching + the rule's query. + + + NOTE: Proper work is not guaranteed, because a related integration, if + installed, can be + + configured differently or generate data that is not necessarily relevant + for this rule. + + + Related integration is a combination of a Fleet package and (optionally) + one of the + + package's "integrations" that this package contains. It is represented + by 3 properties: + + + - `package`: name of the package (required, unique id) + + - `version`: version of the package (required, semver-compatible) + + - `integration`: name of the integration of this package (optional, id + within the package) + + + There are Fleet packages like `windows` that contain only one + integration; in this case, + + `integration` should be unspecified. There are also packages like `aws` + and `azure` that contain + + several integrations; in this case, `integration` should be specified. + + + @example + + const x: RelatedIntegration = { + package: 'windows', + version: '1.5.x', + }; + + + @example + + const x: RelatedIntegration = { + package: 'azure', + version: '~1.1.6', + integration: 'activitylogs', + }; + type: object + properties: + integration: + $ref: '#/components/schemas/Security_Solution_Detections_API_NonEmptyString' + package: + $ref: '#/components/schemas/Security_Solution_Detections_API_NonEmptyString' + version: + $ref: '#/components/schemas/Security_Solution_Detections_API_NonEmptyString' + required: + - package + - version + Security_Solution_Detections_API_RelatedIntegrationArray: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RelatedIntegration + type: array + Security_Solution_Detections_API_RequiredField: + description: > + Describes an Elasticsearch field that is needed for the rule to + function. + + + Almost all types of Security rules check source event documents for a + match to some kind of + + query or filter. If a document has certain field with certain values, + then it's a match and + + the rule will generate an alert. + + + Required field is an event field that must be present in the source + indices of a given rule. + + + @example + + const standardEcsField: RequiredField = { + name: 'event.action', + type: 'keyword', + ecs: true, + }; + + + @example + + const nonEcsField: RequiredField = { + name: 'winlog.event_data.AttributeLDAPDisplayName', + type: 'keyword', + ecs: false, + }; + type: object + properties: + ecs: + description: Whether the field is an ECS field + type: boolean + name: + $ref: '#/components/schemas/Security_Solution_Detections_API_NonEmptyString' + description: Name of an Elasticsearch field + type: + $ref: '#/components/schemas/Security_Solution_Detections_API_NonEmptyString' + description: Type of the Elasticsearch field + required: + - name + - type + - ecs + Security_Solution_Detections_API_RequiredFieldArray: + items: + $ref: '#/components/schemas/Security_Solution_Detections_API_RequiredField' + type: array + Security_Solution_Detections_API_RequiredFieldInput: + description: >- + Input parameters to create a RequiredField. Does not include the `ecs` + field, because `ecs` is calculated on the backend based on the field + name and type. + type: object + properties: + name: + $ref: '#/components/schemas/Security_Solution_Detections_API_NonEmptyString' + description: Name of an Elasticsearch field + type: + $ref: '#/components/schemas/Security_Solution_Detections_API_NonEmptyString' + description: Type of an Elasticsearch field + required: + - name + - type + Security_Solution_Detections_API_ResponseAction: + oneOf: + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_OsqueryResponseAction + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_EndpointResponseAction + Security_Solution_Detections_API_ResponseFields: + type: object + properties: + created_at: + format: date-time + type: string + created_by: + type: string + execution_summary: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleExecutionSummary + id: + $ref: '#/components/schemas/Security_Solution_Detections_API_RuleObjectId' + immutable: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_IsRuleImmutable + required_fields: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RequiredFieldArray + revision: + minimum: 0 + type: integer + rule_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleSignatureId + rule_source: + $ref: '#/components/schemas/Security_Solution_Detections_API_RuleSource' + updated_at: + format: date-time + type: string + updated_by: + type: string + required: + - id + - rule_id + - immutable + - updated_at + - updated_by + - created_at + - created_by + - revision + - related_integrations + - required_fields + Security_Solution_Detections_API_RiskScore: + description: Risk score (0 to 100) + maximum: 100 + minimum: 0 + type: integer + Security_Solution_Detections_API_RiskScoreMapping: + description: >- + Overrides generated alerts' risk_score with a value from the source + event + items: + type: object + properties: + field: + type: string + operator: + enum: + - equals + type: string + risk_score: + $ref: '#/components/schemas/Security_Solution_Detections_API_RiskScore' + value: + type: string + required: + - field + - operator + - value + type: array + Security_Solution_Detections_API_RuleAction: + type: object + properties: + action_type_id: + description: The action type used for sending notifications. + type: string + alerts_filter: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleActionAlertsFilter + frequency: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleActionFrequency + group: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleActionGroup + id: + $ref: '#/components/schemas/Security_Solution_Detections_API_RuleActionId' + params: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleActionParams + uuid: + $ref: '#/components/schemas/Security_Solution_Detections_API_NonEmptyString' + required: + - action_type_id + - id + - params + Security_Solution_Detections_API_RuleActionAlertsFilter: + additionalProperties: true + type: object + Security_Solution_Detections_API_RuleActionFrequency: + description: >- + The action frequency defines when the action runs (for example, only on + rule execution or at specific time intervals). + type: object + properties: + notifyWhen: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleActionNotifyWhen + summary: + description: >- + Action summary indicates whether we will send a summary notification + about all the generate alerts or notification per individual alert + type: boolean + throttle: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleActionThrottle + nullable: true + required: + - summary + - notifyWhen + - throttle + Security_Solution_Detections_API_RuleActionGroup: + description: >- + Optionally groups actions by use cases. Use `default` for alert + notifications. + type: string + Security_Solution_Detections_API_RuleActionId: + description: The connector ID. + type: string + Security_Solution_Detections_API_RuleActionNotifyWhen: + description: >- + The condition for throttling the notification: `onActionGroupChange`, + `onActiveAlert`, or `onThrottleInterval` + enum: + - onActiveAlert + - onThrottleInterval + - onActionGroupChange + type: string + Security_Solution_Detections_API_RuleActionParams: + additionalProperties: true + description: >- + Object containing the allowed connector fields, which varies according + to the connector type. + type: object + Security_Solution_Detections_API_RuleActionThrottle: + description: Defines how often rule actions are taken. + oneOf: + - enum: + - no_actions + - rule + type: string + - description: Time interval in seconds, minutes, hours, or days. + example: 1h + pattern: ^[1-9]\d*[smhd]$ + type: string + Security_Solution_Detections_API_RuleAuthorArray: + items: + type: string + type: array + Security_Solution_Detections_API_RuleCreateProps: + anyOf: + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_EqlRuleCreateProps + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_QueryRuleCreateProps + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedQueryRuleCreateProps + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_ThresholdRuleCreateProps + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_ThreatMatchRuleCreateProps + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_MachineLearningRuleCreateProps + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_NewTermsRuleCreateProps + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_EsqlRuleCreateProps + discriminator: + propertyName: type + Security_Solution_Detections_API_RuleDescription: + minLength: 1 + type: string + Security_Solution_Detections_API_RuleDetailsInError: + type: object + properties: + id: + type: string + name: + type: string + required: + - id + Security_Solution_Detections_API_RuleExceptionList: + type: object + properties: + id: + $ref: '#/components/schemas/Security_Solution_Detections_API_NonEmptyString' + description: ID of the exception container + list_id: + $ref: '#/components/schemas/Security_Solution_Detections_API_NonEmptyString' + description: List ID of the exception container + namespace_type: + description: Determines the exceptions validity in rule's Kibana space + enum: + - agnostic + - single + type: string + type: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_ExceptionListType + required: + - id + - list_id + - type + - namespace_type + Security_Solution_Detections_API_RuleExecutionMetrics: + type: object + properties: + execution_gap_duration_s: + description: Duration in seconds of execution gap + minimum: 0 + type: integer + total_enrichment_duration_ms: + description: >- + Total time spent enriching documents during current rule execution + cycle + minimum: 0 + type: integer + total_indexing_duration_ms: + description: >- + Total time spent indexing documents during current rule execution + cycle + minimum: 0 + type: integer + total_search_duration_ms: + description: >- + Total time spent performing ES searches as measured by Kibana; + includes network latency and time spent serializing/deserializing + request/response + minimum: 0 + type: integer + Security_Solution_Detections_API_RuleExecutionStatus: + description: >- + Custom execution status of Security rules that is different from the + status used in the Alerting Framework. We merge our custom status with + the Framework's status to determine the resulting status of a rule. + + - going to run - @deprecated Replaced by the 'running' status but left + for backwards compatibility with rule execution events already written + to Event Log in the prior versions of Kibana. Don't use when writing + rule status changes. + + - running - Rule execution started but not reached any intermediate or + final status. + + - partial failure - Rule can partially fail for various reasons either + in the middle of an execution (in this case we update its status right + away) or in the end of it. So currently this status can be both + intermediate and final at the same time. A typical reason for a partial + failure: not all the indices that the rule searches over actually exist. + + - failed - Rule failed to execute due to unhandled exception or a reason + defined in the business logic of its executor function. + + - succeeded - Rule executed successfully without any issues. Note: this + status is just an indication of a rule's "health". The rule might or + might not generate any alerts despite of it. + enum: + - going to run + - running + - partial failure + - failed + - succeeded + type: string + Security_Solution_Detections_API_RuleExecutionStatusOrder: + type: integer + Security_Solution_Detections_API_RuleExecutionSummary: + type: object + properties: + last_execution: + type: object + properties: + date: + description: Date of the last execution + format: date-time + type: string + message: + type: string + metrics: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleExecutionMetrics + status: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleExecutionStatus + description: Status of the last execution + status_order: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleExecutionStatusOrder + required: + - date + - status + - status_order + - message + - metrics + required: + - last_execution + Security_Solution_Detections_API_RuleFalsePositiveArray: + items: + type: string + type: array + Security_Solution_Detections_API_RuleFilterArray: + items: {} + type: array + Security_Solution_Detections_API_RuleInterval: + description: >- + Frequency of rule execution, using a date math range. For example, "1h" + means the rule runs every hour. Defaults to 5m (5 minutes). + type: string + Security_Solution_Detections_API_RuleIntervalFrom: + description: >- + Time from which data is analyzed each time the rule runs, using a date + math range. For example, now-4200s means the rule analyzes data from 70 + minutes before its start time. Defaults to now-6m (analyzes data from 6 + minutes before the start time). + format: date-math + type: string + Security_Solution_Detections_API_RuleIntervalTo: + type: string + Security_Solution_Detections_API_RuleLicense: + description: The rule's license. + type: string + Security_Solution_Detections_API_RuleMetadata: + additionalProperties: true + type: object + Security_Solution_Detections_API_RuleName: + minLength: 1 + type: string + Security_Solution_Detections_API_RuleNameOverride: + description: Sets the source field for the alert's signal.rule.name value + type: string + Security_Solution_Detections_API_RuleObjectId: + $ref: '#/components/schemas/Security_Solution_Detections_API_UUID' + Security_Solution_Detections_API_RulePatchProps: + anyOf: + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_EqlRulePatchProps + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_QueryRulePatchProps + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedQueryRulePatchProps + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_ThresholdRulePatchProps + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_ThreatMatchRulePatchProps + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_MachineLearningRulePatchProps + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_NewTermsRulePatchProps + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_EsqlRulePatchProps + Security_Solution_Detections_API_RulePreviewLoggedRequest: + type: object + properties: + description: + $ref: '#/components/schemas/Security_Solution_Detections_API_NonEmptyString' + duration: + type: integer + request: + $ref: '#/components/schemas/Security_Solution_Detections_API_NonEmptyString' + required: + - request + Security_Solution_Detections_API_RulePreviewLogs: + type: object + properties: + duration: + description: Execution duration in milliseconds + type: integer + errors: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_NonEmptyString + type: array + requests: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RulePreviewLoggedRequest + type: array + startedAt: + $ref: '#/components/schemas/Security_Solution_Detections_API_NonEmptyString' + warnings: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_NonEmptyString + type: array + required: + - errors + - warnings + - duration + Security_Solution_Detections_API_RulePreviewParams: + type: object + properties: + invocationCount: + type: integer + timeframeEnd: + format: date-time + type: string + required: + - invocationCount + - timeframeEnd + Security_Solution_Detections_API_RuleQuery: + type: string + Security_Solution_Detections_API_RuleReferenceArray: + items: + type: string + type: array + Security_Solution_Detections_API_RuleResponse: + anyOf: + - $ref: '#/components/schemas/Security_Solution_Detections_API_EqlRule' + - $ref: '#/components/schemas/Security_Solution_Detections_API_QueryRule' + - $ref: '#/components/schemas/Security_Solution_Detections_API_SavedQueryRule' + - $ref: '#/components/schemas/Security_Solution_Detections_API_ThresholdRule' + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_ThreatMatchRule + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_MachineLearningRule + - $ref: '#/components/schemas/Security_Solution_Detections_API_NewTermsRule' + - $ref: '#/components/schemas/Security_Solution_Detections_API_EsqlRule' + discriminator: + propertyName: type + Security_Solution_Detections_API_RuleSignatureId: + description: Could be any string, not necessarily a UUID + type: string + Security_Solution_Detections_API_RuleSource: + description: >- + Discriminated union that determines whether the rule is internally + sourced (created within the Kibana app) or has an external source, such + as the Elastic Prebuilt rules repo. + discriminator: + propertyName: type + oneOf: + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_ExternalRuleSource + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_InternalRuleSource + Security_Solution_Detections_API_RuleTagArray: + description: >- + String array containing words and phrases to help categorize, filter, + and search rules. Defaults to an empty array. + items: + type: string + type: array + Security_Solution_Detections_API_RuleUpdateProps: + anyOf: + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_EqlRuleUpdateProps + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_QueryRuleUpdateProps + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedQueryRuleUpdateProps + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_ThresholdRuleUpdateProps + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_ThreatMatchRuleUpdateProps + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_MachineLearningRuleUpdateProps + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_NewTermsRuleUpdateProps + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_EsqlRuleUpdateProps + discriminator: + propertyName: type + Security_Solution_Detections_API_RuleVersion: + description: The rule's version number. + minimum: 1 + type: integer + Security_Solution_Detections_API_SavedObjectResolveAliasPurpose: + enum: + - savedObjectConversion + - savedObjectImport + type: string + Security_Solution_Detections_API_SavedObjectResolveAliasTargetId: + type: string + Security_Solution_Detections_API_SavedObjectResolveOutcome: + enum: + - exactMatch + - aliasMatch + - conflict + type: string + Security_Solution_Detections_API_SavedQueryId: + type: string + Security_Solution_Detections_API_SavedQueryRule: + allOf: + - type: object + properties: + actions: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleAction + type: array + alias_purpose: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveAliasPurpose + alias_target_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveAliasTargetId + author: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleAuthorArray + building_block_type: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_BuildingBlockType + description: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleDescription + enabled: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_IsRuleEnabled + exceptions_list: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleExceptionList + type: array + false_positives: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleFalsePositiveArray + from: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleIntervalFrom + interval: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleInterval + investigation_fields: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_InvestigationFields + license: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleLicense + max_signals: + $ref: '#/components/schemas/Security_Solution_Detections_API_MaxSignals' + meta: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleMetadata + name: + $ref: '#/components/schemas/Security_Solution_Detections_API_RuleName' + namespace: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertsIndexNamespace + note: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_InvestigationGuide + outcome: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveOutcome + output_index: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertsIndex + references: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleReferenceArray + related_integrations: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RelatedIntegrationArray + required_fields: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RequiredFieldInput + type: array + risk_score: + $ref: '#/components/schemas/Security_Solution_Detections_API_RiskScore' + risk_score_mapping: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RiskScoreMapping + rule_name_override: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleNameOverride + setup: + $ref: '#/components/schemas/Security_Solution_Detections_API_SetupGuide' + severity: + $ref: '#/components/schemas/Security_Solution_Detections_API_Severity' + severity_mapping: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SeverityMapping + tags: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleTagArray + threat: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_ThreatArray + throttle: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleActionThrottle + timeline_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimelineTemplateId + timeline_title: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimelineTemplateTitle + timestamp_override: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimestampOverride + timestamp_override_fallback_disabled: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimestampOverrideFallbackDisabled + to: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleIntervalTo + version: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleVersion + required: + - name + - description + - risk_score + - severity + - version + - tags + - enabled + - risk_score_mapping + - severity_mapping + - interval + - from + - to + - actions + - exceptions_list + - author + - false_positives + - references + - max_signals + - threat + - setup + - related_integrations + - required_fields + - $ref: '#/components/schemas/Security_Solution_Detections_API_ResponseFields' + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedQueryRuleResponseFields + Security_Solution_Detections_API_SavedQueryRuleCreateFields: + allOf: + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedQueryRuleRequiredFields + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedQueryRuleOptionalFields + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedQueryRuleDefaultableFields + Security_Solution_Detections_API_SavedQueryRuleCreateProps: + allOf: + - type: object + properties: + actions: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleAction + type: array + alias_purpose: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveAliasPurpose + alias_target_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveAliasTargetId + author: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleAuthorArray + building_block_type: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_BuildingBlockType + description: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleDescription + enabled: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_IsRuleEnabled + exceptions_list: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleExceptionList + type: array + false_positives: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleFalsePositiveArray + from: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleIntervalFrom + interval: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleInterval + investigation_fields: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_InvestigationFields + license: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleLicense + max_signals: + $ref: '#/components/schemas/Security_Solution_Detections_API_MaxSignals' + meta: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleMetadata + name: + $ref: '#/components/schemas/Security_Solution_Detections_API_RuleName' + namespace: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertsIndexNamespace + note: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_InvestigationGuide + outcome: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveOutcome + output_index: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertsIndex + references: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleReferenceArray + related_integrations: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RelatedIntegrationArray + required_fields: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RequiredFieldInput + type: array + risk_score: + $ref: '#/components/schemas/Security_Solution_Detections_API_RiskScore' + risk_score_mapping: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RiskScoreMapping + rule_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleSignatureId + rule_name_override: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleNameOverride + setup: + $ref: '#/components/schemas/Security_Solution_Detections_API_SetupGuide' + severity: + $ref: '#/components/schemas/Security_Solution_Detections_API_Severity' + severity_mapping: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SeverityMapping + tags: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleTagArray + threat: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_ThreatArray + throttle: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleActionThrottle + timeline_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimelineTemplateId + timeline_title: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimelineTemplateTitle + timestamp_override: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimestampOverride + timestamp_override_fallback_disabled: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimestampOverrideFallbackDisabled + to: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleIntervalTo + version: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleVersion + required: + - name + - description + - risk_score + - severity + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedQueryRuleCreateFields + Security_Solution_Detections_API_SavedQueryRuleDefaultableFields: + type: object + properties: + language: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_KqlQueryLanguage + Security_Solution_Detections_API_SavedQueryRuleOptionalFields: + type: object + properties: + alert_suppression: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertSuppression + data_view_id: + $ref: '#/components/schemas/Security_Solution_Detections_API_DataViewId' + filters: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleFilterArray + index: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_IndexPatternArray + query: + $ref: '#/components/schemas/Security_Solution_Detections_API_RuleQuery' + response_actions: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_ResponseAction + type: array + Security_Solution_Detections_API_SavedQueryRulePatchFields: + allOf: + - type: object + properties: + saved_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedQueryId + type: + description: Rule type + enum: + - saved_query + type: string + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedQueryRuleOptionalFields + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedQueryRuleDefaultableFields + Security_Solution_Detections_API_SavedQueryRulePatchProps: + allOf: + - type: object + properties: + actions: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleAction + type: array + alias_purpose: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveAliasPurpose + alias_target_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveAliasTargetId + author: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleAuthorArray + building_block_type: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_BuildingBlockType + description: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleDescription + enabled: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_IsRuleEnabled + exceptions_list: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleExceptionList + type: array + false_positives: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleFalsePositiveArray + from: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleIntervalFrom + id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleObjectId + interval: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleInterval + investigation_fields: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_InvestigationFields + license: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleLicense + max_signals: + $ref: '#/components/schemas/Security_Solution_Detections_API_MaxSignals' + meta: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleMetadata + name: + $ref: '#/components/schemas/Security_Solution_Detections_API_RuleName' + namespace: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertsIndexNamespace + note: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_InvestigationGuide + outcome: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveOutcome + output_index: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertsIndex + references: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleReferenceArray + related_integrations: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RelatedIntegrationArray + required_fields: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RequiredFieldInput + type: array + risk_score: + $ref: '#/components/schemas/Security_Solution_Detections_API_RiskScore' + risk_score_mapping: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RiskScoreMapping + rule_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleSignatureId + rule_name_override: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleNameOverride + setup: + $ref: '#/components/schemas/Security_Solution_Detections_API_SetupGuide' + severity: + $ref: '#/components/schemas/Security_Solution_Detections_API_Severity' + severity_mapping: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SeverityMapping + tags: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleTagArray + threat: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_ThreatArray + throttle: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleActionThrottle + timeline_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimelineTemplateId + timeline_title: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimelineTemplateTitle + timestamp_override: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimestampOverride + timestamp_override_fallback_disabled: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimestampOverrideFallbackDisabled + to: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleIntervalTo + version: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleVersion + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedQueryRulePatchFields + Security_Solution_Detections_API_SavedQueryRuleRequiredFields: + type: object + properties: + saved_id: + $ref: '#/components/schemas/Security_Solution_Detections_API_SavedQueryId' + type: + description: Rule type + enum: + - saved_query + type: string + required: + - type + - saved_id + Security_Solution_Detections_API_SavedQueryRuleResponseFields: + allOf: + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedQueryRuleRequiredFields + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedQueryRuleOptionalFields + - type: object + properties: + language: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_KqlQueryLanguage + required: + - language + Security_Solution_Detections_API_SavedQueryRuleUpdateProps: + allOf: + - type: object + properties: + actions: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleAction + type: array + alias_purpose: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveAliasPurpose + alias_target_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveAliasTargetId + author: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleAuthorArray + building_block_type: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_BuildingBlockType + description: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleDescription + enabled: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_IsRuleEnabled + exceptions_list: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleExceptionList + type: array + false_positives: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleFalsePositiveArray + from: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleIntervalFrom + id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleObjectId + interval: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleInterval + investigation_fields: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_InvestigationFields + license: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleLicense + max_signals: + $ref: '#/components/schemas/Security_Solution_Detections_API_MaxSignals' + meta: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleMetadata + name: + $ref: '#/components/schemas/Security_Solution_Detections_API_RuleName' + namespace: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertsIndexNamespace + note: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_InvestigationGuide + outcome: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveOutcome + output_index: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertsIndex + references: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleReferenceArray + related_integrations: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RelatedIntegrationArray + required_fields: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RequiredFieldInput + type: array + risk_score: + $ref: '#/components/schemas/Security_Solution_Detections_API_RiskScore' + risk_score_mapping: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RiskScoreMapping + rule_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleSignatureId + rule_name_override: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleNameOverride + setup: + $ref: '#/components/schemas/Security_Solution_Detections_API_SetupGuide' + severity: + $ref: '#/components/schemas/Security_Solution_Detections_API_Severity' + severity_mapping: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SeverityMapping + tags: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleTagArray + threat: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_ThreatArray + throttle: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleActionThrottle + timeline_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimelineTemplateId + timeline_title: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimelineTemplateTitle + timestamp_override: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimestampOverride + timestamp_override_fallback_disabled: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimestampOverrideFallbackDisabled + to: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleIntervalTo + version: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleVersion + required: + - name + - description + - risk_score + - severity + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedQueryRuleCreateFields + Security_Solution_Detections_API_SetAlertsStatusByIds: + type: object + properties: + signal_ids: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_NonEmptyString + minItems: 1 + type: array + status: + $ref: '#/components/schemas/Security_Solution_Detections_API_AlertStatus' + required: + - signal_ids + - status + Security_Solution_Detections_API_SetAlertsStatusByQuery: + type: object + properties: + conflicts: + default: abort + enum: + - abort + - proceed + type: string + query: + additionalProperties: true + type: object + status: + $ref: '#/components/schemas/Security_Solution_Detections_API_AlertStatus' + required: + - query + - status + Security_Solution_Detections_API_SetAlertTags: + type: object + properties: + tags_to_add: + $ref: '#/components/schemas/Security_Solution_Detections_API_AlertTags' + tags_to_remove: + $ref: '#/components/schemas/Security_Solution_Detections_API_AlertTags' + required: + - tags_to_add + - tags_to_remove + Security_Solution_Detections_API_SetupGuide: + type: string + Security_Solution_Detections_API_Severity: + description: Severity of the rule + enum: + - low + - medium + - high + - critical + type: string + Security_Solution_Detections_API_SeverityMapping: + description: Overrides generated alerts' severity with values from the source event + items: + type: object + properties: + field: + type: string + operator: + enum: + - equals + type: string + severity: + $ref: '#/components/schemas/Security_Solution_Detections_API_Severity' + value: + type: string + required: + - field + - operator + - severity + - value + type: array + Security_Solution_Detections_API_SiemErrorResponse: + type: object + properties: + message: + type: string + status_code: + type: integer + required: + - status_code + - message + Security_Solution_Detections_API_SkippedAlertsIndexMigration: + type: object + properties: + index: + type: string + required: + - index + Security_Solution_Detections_API_SortOrder: + enum: + - asc + - desc + type: string + Security_Solution_Detections_API_Threat: + type: object + properties: + framework: + description: Relevant attack framework + type: string + tactic: + $ref: '#/components/schemas/Security_Solution_Detections_API_ThreatTactic' + technique: + description: Array containing information on the attack techniques (optional) + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_ThreatTechnique + type: array + required: + - framework + - tactic + Security_Solution_Detections_API_ThreatArray: + items: + $ref: '#/components/schemas/Security_Solution_Detections_API_Threat' + type: array + Security_Solution_Detections_API_ThreatFilters: + items: + description: >- + Query and filter context array used to filter documents from the + Elasticsearch index containing the threat values + type: array + Security_Solution_Detections_API_ThreatIndex: + items: + type: string + type: array + Security_Solution_Detections_API_ThreatIndicatorPath: + description: >- + Defines the path to the threat indicator in the indicator documents + (optional) + type: string + Security_Solution_Detections_API_ThreatMapping: + items: + type: object + properties: + entries: + items: + type: object + properties: + field: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_NonEmptyString + type: + enum: + - mapping + type: string + value: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_NonEmptyString + required: + - field + - type + - value + type: array + required: + - entries + minItems: 1 + type: array + Security_Solution_Detections_API_ThreatMatchRule: + allOf: + - type: object + properties: + actions: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleAction + type: array + alias_purpose: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveAliasPurpose + alias_target_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveAliasTargetId + author: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleAuthorArray + building_block_type: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_BuildingBlockType + description: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleDescription + enabled: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_IsRuleEnabled + exceptions_list: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleExceptionList + type: array + false_positives: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleFalsePositiveArray + from: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleIntervalFrom + interval: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleInterval + investigation_fields: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_InvestigationFields + license: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleLicense + max_signals: + $ref: '#/components/schemas/Security_Solution_Detections_API_MaxSignals' + meta: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleMetadata + name: + $ref: '#/components/schemas/Security_Solution_Detections_API_RuleName' + namespace: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertsIndexNamespace + note: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_InvestigationGuide + outcome: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveOutcome + output_index: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertsIndex + references: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleReferenceArray + related_integrations: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RelatedIntegrationArray + required_fields: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RequiredFieldInput + type: array + risk_score: + $ref: '#/components/schemas/Security_Solution_Detections_API_RiskScore' + risk_score_mapping: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RiskScoreMapping + rule_name_override: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleNameOverride + setup: + $ref: '#/components/schemas/Security_Solution_Detections_API_SetupGuide' + severity: + $ref: '#/components/schemas/Security_Solution_Detections_API_Severity' + severity_mapping: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SeverityMapping + tags: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleTagArray + threat: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_ThreatArray + throttle: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleActionThrottle + timeline_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimelineTemplateId + timeline_title: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimelineTemplateTitle + timestamp_override: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimestampOverride + timestamp_override_fallback_disabled: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimestampOverrideFallbackDisabled + to: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleIntervalTo + version: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleVersion + required: + - name + - description + - risk_score + - severity + - version + - tags + - enabled + - risk_score_mapping + - severity_mapping + - interval + - from + - to + - actions + - exceptions_list + - author + - false_positives + - references + - max_signals + - threat + - setup + - related_integrations + - required_fields + - $ref: '#/components/schemas/Security_Solution_Detections_API_ResponseFields' + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_ThreatMatchRuleResponseFields + Security_Solution_Detections_API_ThreatMatchRuleCreateFields: + allOf: + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_ThreatMatchRuleRequiredFields + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_ThreatMatchRuleOptionalFields + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_ThreatMatchRuleDefaultableFields + Security_Solution_Detections_API_ThreatMatchRuleCreateProps: + allOf: + - type: object + properties: + actions: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleAction + type: array + alias_purpose: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveAliasPurpose + alias_target_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveAliasTargetId + author: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleAuthorArray + building_block_type: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_BuildingBlockType + description: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleDescription + enabled: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_IsRuleEnabled + exceptions_list: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleExceptionList + type: array + false_positives: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleFalsePositiveArray + from: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleIntervalFrom + interval: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleInterval + investigation_fields: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_InvestigationFields + license: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleLicense + max_signals: + $ref: '#/components/schemas/Security_Solution_Detections_API_MaxSignals' + meta: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleMetadata + name: + $ref: '#/components/schemas/Security_Solution_Detections_API_RuleName' + namespace: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertsIndexNamespace + note: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_InvestigationGuide + outcome: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveOutcome + output_index: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertsIndex + references: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleReferenceArray + related_integrations: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RelatedIntegrationArray + required_fields: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RequiredFieldInput + type: array + risk_score: + $ref: '#/components/schemas/Security_Solution_Detections_API_RiskScore' + risk_score_mapping: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RiskScoreMapping + rule_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleSignatureId + rule_name_override: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleNameOverride + setup: + $ref: '#/components/schemas/Security_Solution_Detections_API_SetupGuide' + severity: + $ref: '#/components/schemas/Security_Solution_Detections_API_Severity' + severity_mapping: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SeverityMapping + tags: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleTagArray + threat: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_ThreatArray + throttle: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleActionThrottle + timeline_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimelineTemplateId + timeline_title: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimelineTemplateTitle + timestamp_override: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimestampOverride + timestamp_override_fallback_disabled: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimestampOverrideFallbackDisabled + to: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleIntervalTo + version: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleVersion + required: + - name + - description + - risk_score + - severity + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_ThreatMatchRuleCreateFields + Security_Solution_Detections_API_ThreatMatchRuleDefaultableFields: + type: object + properties: + language: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_KqlQueryLanguage + Security_Solution_Detections_API_ThreatMatchRuleOptionalFields: + type: object + properties: + alert_suppression: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertSuppression + concurrent_searches: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_ConcurrentSearches + data_view_id: + $ref: '#/components/schemas/Security_Solution_Detections_API_DataViewId' + filters: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleFilterArray + index: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_IndexPatternArray + items_per_search: + $ref: '#/components/schemas/Security_Solution_Detections_API_ItemsPerSearch' + saved_id: + $ref: '#/components/schemas/Security_Solution_Detections_API_SavedQueryId' + threat_filters: + $ref: '#/components/schemas/Security_Solution_Detections_API_ThreatFilters' + threat_indicator_path: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_ThreatIndicatorPath + threat_language: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_KqlQueryLanguage + Security_Solution_Detections_API_ThreatMatchRulePatchFields: + allOf: + - type: object + properties: + query: + $ref: '#/components/schemas/Security_Solution_Detections_API_RuleQuery' + threat_index: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_ThreatIndex + threat_mapping: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_ThreatMapping + threat_query: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_ThreatQuery + type: + description: Rule type + enum: + - threat_match + type: string + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_ThreatMatchRuleOptionalFields + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_ThreatMatchRuleDefaultableFields + Security_Solution_Detections_API_ThreatMatchRulePatchProps: + allOf: + - type: object + properties: + actions: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleAction + type: array + alias_purpose: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveAliasPurpose + alias_target_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveAliasTargetId + author: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleAuthorArray + building_block_type: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_BuildingBlockType + description: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleDescription + enabled: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_IsRuleEnabled + exceptions_list: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleExceptionList + type: array + false_positives: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleFalsePositiveArray + from: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleIntervalFrom + id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleObjectId + interval: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleInterval + investigation_fields: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_InvestigationFields + license: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleLicense + max_signals: + $ref: '#/components/schemas/Security_Solution_Detections_API_MaxSignals' + meta: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleMetadata + name: + $ref: '#/components/schemas/Security_Solution_Detections_API_RuleName' + namespace: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertsIndexNamespace + note: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_InvestigationGuide + outcome: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveOutcome + output_index: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertsIndex + references: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleReferenceArray + related_integrations: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RelatedIntegrationArray + required_fields: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RequiredFieldInput + type: array + risk_score: + $ref: '#/components/schemas/Security_Solution_Detections_API_RiskScore' + risk_score_mapping: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RiskScoreMapping + rule_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleSignatureId + rule_name_override: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleNameOverride + setup: + $ref: '#/components/schemas/Security_Solution_Detections_API_SetupGuide' + severity: + $ref: '#/components/schemas/Security_Solution_Detections_API_Severity' + severity_mapping: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SeverityMapping + tags: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleTagArray + threat: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_ThreatArray + throttle: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleActionThrottle + timeline_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimelineTemplateId + timeline_title: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimelineTemplateTitle + timestamp_override: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimestampOverride + timestamp_override_fallback_disabled: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimestampOverrideFallbackDisabled + to: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleIntervalTo + version: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleVersion + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_ThreatMatchRulePatchFields + Security_Solution_Detections_API_ThreatMatchRuleRequiredFields: + type: object + properties: + query: + $ref: '#/components/schemas/Security_Solution_Detections_API_RuleQuery' + threat_index: + $ref: '#/components/schemas/Security_Solution_Detections_API_ThreatIndex' + threat_mapping: + $ref: '#/components/schemas/Security_Solution_Detections_API_ThreatMapping' + threat_query: + $ref: '#/components/schemas/Security_Solution_Detections_API_ThreatQuery' + type: + description: Rule type + enum: + - threat_match + type: string + required: + - type + - query + - threat_query + - threat_mapping + - threat_index + Security_Solution_Detections_API_ThreatMatchRuleResponseFields: + allOf: + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_ThreatMatchRuleRequiredFields + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_ThreatMatchRuleOptionalFields + - type: object + properties: + language: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_KqlQueryLanguage + required: + - language + Security_Solution_Detections_API_ThreatMatchRuleUpdateProps: + allOf: + - type: object + properties: + actions: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleAction + type: array + alias_purpose: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveAliasPurpose + alias_target_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveAliasTargetId + author: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleAuthorArray + building_block_type: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_BuildingBlockType + description: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleDescription + enabled: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_IsRuleEnabled + exceptions_list: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleExceptionList + type: array + false_positives: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleFalsePositiveArray + from: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleIntervalFrom + id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleObjectId + interval: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleInterval + investigation_fields: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_InvestigationFields + license: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleLicense + max_signals: + $ref: '#/components/schemas/Security_Solution_Detections_API_MaxSignals' + meta: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleMetadata + name: + $ref: '#/components/schemas/Security_Solution_Detections_API_RuleName' + namespace: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertsIndexNamespace + note: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_InvestigationGuide + outcome: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveOutcome + output_index: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertsIndex + references: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleReferenceArray + related_integrations: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RelatedIntegrationArray + required_fields: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RequiredFieldInput + type: array + risk_score: + $ref: '#/components/schemas/Security_Solution_Detections_API_RiskScore' + risk_score_mapping: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RiskScoreMapping + rule_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleSignatureId + rule_name_override: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleNameOverride + setup: + $ref: '#/components/schemas/Security_Solution_Detections_API_SetupGuide' + severity: + $ref: '#/components/schemas/Security_Solution_Detections_API_Severity' + severity_mapping: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SeverityMapping + tags: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleTagArray + threat: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_ThreatArray + throttle: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleActionThrottle + timeline_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimelineTemplateId + timeline_title: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimelineTemplateTitle + timestamp_override: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimestampOverride + timestamp_override_fallback_disabled: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimestampOverrideFallbackDisabled + to: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleIntervalTo + version: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleVersion + required: + - name + - description + - risk_score + - severity + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_ThreatMatchRuleCreateFields + Security_Solution_Detections_API_ThreatQuery: + description: Query to run + type: string + Security_Solution_Detections_API_ThreatSubtechnique: + type: object + properties: + id: + description: Subtechnique ID + type: string + name: + description: Subtechnique name + type: string + reference: + description: Subtechnique reference + type: string + required: + - id + - name + - reference + Security_Solution_Detections_API_ThreatTactic: + type: object + properties: + id: + description: Tactic ID + type: string + name: + description: Tactic name + type: string + reference: + description: Tactic reference + type: string + required: + - id + - name + - reference + Security_Solution_Detections_API_ThreatTechnique: + type: object + properties: + id: + description: Technique ID + type: string + name: + description: Technique name + type: string + reference: + description: Technique reference + type: string + subtechnique: + description: Array containing more specific information on the attack technique + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_ThreatSubtechnique + type: array + required: + - id + - name + - reference + Security_Solution_Detections_API_Threshold: + type: object + properties: + cardinality: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_ThresholdCardinality + field: + $ref: '#/components/schemas/Security_Solution_Detections_API_ThresholdField' + value: + $ref: '#/components/schemas/Security_Solution_Detections_API_ThresholdValue' + required: + - field + - value + Security_Solution_Detections_API_ThresholdAlertSuppression: + type: object + properties: + duration: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertSuppressionDuration + required: + - duration + Security_Solution_Detections_API_ThresholdCardinality: + items: + type: object + properties: + field: + type: string + value: + minimum: 0 + type: integer + required: + - field + - value + type: array + Security_Solution_Detections_API_ThresholdField: + description: Field to aggregate on + oneOf: + - type: string + - items: + type: string + type: array + Security_Solution_Detections_API_ThresholdRule: + allOf: + - type: object + properties: + actions: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleAction + type: array + alias_purpose: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveAliasPurpose + alias_target_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveAliasTargetId + author: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleAuthorArray + building_block_type: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_BuildingBlockType + description: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleDescription + enabled: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_IsRuleEnabled + exceptions_list: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleExceptionList + type: array + false_positives: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleFalsePositiveArray + from: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleIntervalFrom + interval: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleInterval + investigation_fields: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_InvestigationFields + license: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleLicense + max_signals: + $ref: '#/components/schemas/Security_Solution_Detections_API_MaxSignals' + meta: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleMetadata + name: + $ref: '#/components/schemas/Security_Solution_Detections_API_RuleName' + namespace: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertsIndexNamespace + note: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_InvestigationGuide + outcome: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveOutcome + output_index: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertsIndex + references: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleReferenceArray + related_integrations: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RelatedIntegrationArray + required_fields: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RequiredFieldInput + type: array + risk_score: + $ref: '#/components/schemas/Security_Solution_Detections_API_RiskScore' + risk_score_mapping: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RiskScoreMapping + rule_name_override: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleNameOverride + setup: + $ref: '#/components/schemas/Security_Solution_Detections_API_SetupGuide' + severity: + $ref: '#/components/schemas/Security_Solution_Detections_API_Severity' + severity_mapping: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SeverityMapping + tags: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleTagArray + threat: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_ThreatArray + throttle: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleActionThrottle + timeline_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimelineTemplateId + timeline_title: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimelineTemplateTitle + timestamp_override: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimestampOverride + timestamp_override_fallback_disabled: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimestampOverrideFallbackDisabled + to: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleIntervalTo + version: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleVersion + required: + - name + - description + - risk_score + - severity + - version + - tags + - enabled + - risk_score_mapping + - severity_mapping + - interval + - from + - to + - actions + - exceptions_list + - author + - false_positives + - references + - max_signals + - threat + - setup + - related_integrations + - required_fields + - $ref: '#/components/schemas/Security_Solution_Detections_API_ResponseFields' + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_ThresholdRuleResponseFields + Security_Solution_Detections_API_ThresholdRuleCreateFields: + allOf: + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_ThresholdRuleRequiredFields + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_ThresholdRuleOptionalFields + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_ThresholdRuleDefaultableFields + Security_Solution_Detections_API_ThresholdRuleCreateProps: + allOf: + - type: object + properties: + actions: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleAction + type: array + alias_purpose: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveAliasPurpose + alias_target_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveAliasTargetId + author: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleAuthorArray + building_block_type: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_BuildingBlockType + description: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleDescription + enabled: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_IsRuleEnabled + exceptions_list: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleExceptionList + type: array + false_positives: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleFalsePositiveArray + from: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleIntervalFrom + interval: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleInterval + investigation_fields: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_InvestigationFields + license: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleLicense + max_signals: + $ref: '#/components/schemas/Security_Solution_Detections_API_MaxSignals' + meta: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleMetadata + name: + $ref: '#/components/schemas/Security_Solution_Detections_API_RuleName' + namespace: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertsIndexNamespace + note: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_InvestigationGuide + outcome: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveOutcome + output_index: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertsIndex + references: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleReferenceArray + related_integrations: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RelatedIntegrationArray + required_fields: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RequiredFieldInput + type: array + risk_score: + $ref: '#/components/schemas/Security_Solution_Detections_API_RiskScore' + risk_score_mapping: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RiskScoreMapping + rule_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleSignatureId + rule_name_override: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleNameOverride + setup: + $ref: '#/components/schemas/Security_Solution_Detections_API_SetupGuide' + severity: + $ref: '#/components/schemas/Security_Solution_Detections_API_Severity' + severity_mapping: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SeverityMapping + tags: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleTagArray + threat: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_ThreatArray + throttle: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleActionThrottle + timeline_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimelineTemplateId + timeline_title: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimelineTemplateTitle + timestamp_override: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimestampOverride + timestamp_override_fallback_disabled: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimestampOverrideFallbackDisabled + to: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleIntervalTo + version: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleVersion + required: + - name + - description + - risk_score + - severity + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_ThresholdRuleCreateFields + Security_Solution_Detections_API_ThresholdRuleDefaultableFields: + type: object + properties: + language: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_KqlQueryLanguage + Security_Solution_Detections_API_ThresholdRuleOptionalFields: + type: object + properties: + alert_suppression: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_ThresholdAlertSuppression + data_view_id: + $ref: '#/components/schemas/Security_Solution_Detections_API_DataViewId' + filters: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleFilterArray + index: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_IndexPatternArray + saved_id: + $ref: '#/components/schemas/Security_Solution_Detections_API_SavedQueryId' + Security_Solution_Detections_API_ThresholdRulePatchFields: + allOf: + - type: object + properties: + query: + $ref: '#/components/schemas/Security_Solution_Detections_API_RuleQuery' + threshold: + $ref: '#/components/schemas/Security_Solution_Detections_API_Threshold' + type: + description: Rule type + enum: + - threshold + type: string + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_ThresholdRuleOptionalFields + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_ThresholdRuleDefaultableFields + Security_Solution_Detections_API_ThresholdRulePatchProps: + allOf: + - type: object + properties: + actions: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleAction + type: array + alias_purpose: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveAliasPurpose + alias_target_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveAliasTargetId + author: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleAuthorArray + building_block_type: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_BuildingBlockType + description: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleDescription + enabled: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_IsRuleEnabled + exceptions_list: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleExceptionList + type: array + false_positives: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleFalsePositiveArray + from: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleIntervalFrom + id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleObjectId + interval: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleInterval + investigation_fields: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_InvestigationFields + license: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleLicense + max_signals: + $ref: '#/components/schemas/Security_Solution_Detections_API_MaxSignals' + meta: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleMetadata + name: + $ref: '#/components/schemas/Security_Solution_Detections_API_RuleName' + namespace: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertsIndexNamespace + note: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_InvestigationGuide + outcome: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveOutcome + output_index: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertsIndex + references: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleReferenceArray + related_integrations: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RelatedIntegrationArray + required_fields: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RequiredFieldInput + type: array + risk_score: + $ref: '#/components/schemas/Security_Solution_Detections_API_RiskScore' + risk_score_mapping: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RiskScoreMapping + rule_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleSignatureId + rule_name_override: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleNameOverride + setup: + $ref: '#/components/schemas/Security_Solution_Detections_API_SetupGuide' + severity: + $ref: '#/components/schemas/Security_Solution_Detections_API_Severity' + severity_mapping: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SeverityMapping + tags: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleTagArray + threat: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_ThreatArray + throttle: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleActionThrottle + timeline_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimelineTemplateId + timeline_title: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimelineTemplateTitle + timestamp_override: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimestampOverride + timestamp_override_fallback_disabled: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimestampOverrideFallbackDisabled + to: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleIntervalTo + version: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleVersion + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_ThresholdRulePatchFields + Security_Solution_Detections_API_ThresholdRuleRequiredFields: + type: object + properties: + query: + $ref: '#/components/schemas/Security_Solution_Detections_API_RuleQuery' + threshold: + $ref: '#/components/schemas/Security_Solution_Detections_API_Threshold' + type: + description: Rule type + enum: + - threshold + type: string + required: + - type + - query + - threshold + Security_Solution_Detections_API_ThresholdRuleResponseFields: + allOf: + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_ThresholdRuleRequiredFields + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_ThresholdRuleOptionalFields + - type: object + properties: + language: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_KqlQueryLanguage + required: + - language + Security_Solution_Detections_API_ThresholdRuleUpdateProps: + allOf: + - type: object + properties: + actions: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleAction + type: array + alias_purpose: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveAliasPurpose + alias_target_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveAliasTargetId + author: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleAuthorArray + building_block_type: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_BuildingBlockType + description: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleDescription + enabled: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_IsRuleEnabled + exceptions_list: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleExceptionList + type: array + false_positives: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleFalsePositiveArray + from: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleIntervalFrom + id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleObjectId + interval: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleInterval + investigation_fields: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_InvestigationFields + license: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleLicense + max_signals: + $ref: '#/components/schemas/Security_Solution_Detections_API_MaxSignals' + meta: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleMetadata + name: + $ref: '#/components/schemas/Security_Solution_Detections_API_RuleName' + namespace: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertsIndexNamespace + note: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_InvestigationGuide + outcome: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SavedObjectResolveOutcome + output_index: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_AlertsIndex + references: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleReferenceArray + related_integrations: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RelatedIntegrationArray + required_fields: + items: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RequiredFieldInput + type: array + risk_score: + $ref: '#/components/schemas/Security_Solution_Detections_API_RiskScore' + risk_score_mapping: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RiskScoreMapping + rule_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleSignatureId + rule_name_override: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleNameOverride + setup: + $ref: '#/components/schemas/Security_Solution_Detections_API_SetupGuide' + severity: + $ref: '#/components/schemas/Security_Solution_Detections_API_Severity' + severity_mapping: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_SeverityMapping + tags: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleTagArray + threat: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_ThreatArray + throttle: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleActionThrottle + timeline_id: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimelineTemplateId + timeline_title: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimelineTemplateTitle + timestamp_override: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimestampOverride + timestamp_override_fallback_disabled: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_TimestampOverrideFallbackDisabled + to: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleIntervalTo + version: + $ref: >- + #/components/schemas/Security_Solution_Detections_API_RuleVersion + required: + - name + - description + - risk_score + - severity + - $ref: >- + #/components/schemas/Security_Solution_Detections_API_ThresholdRuleCreateFields + Security_Solution_Detections_API_ThresholdValue: + description: Threshold value + minimum: 1 + type: integer + Security_Solution_Detections_API_ThrottleForBulkActions: + description: >- + The condition for throttling the notification: 'rule', 'no_actions', or + time duration + enum: + - rule + - 1h + - 1d + - 7d + type: string + Security_Solution_Detections_API_TiebreakerField: + description: Sets a secondary field for sorting events + type: string + Security_Solution_Detections_API_TimelineTemplateId: + description: Timeline template ID + type: string + Security_Solution_Detections_API_TimelineTemplateTitle: + description: Timeline template title + type: string + Security_Solution_Detections_API_TimestampField: + description: Contains the event timestamp used for sorting a sequence of events + type: string + Security_Solution_Detections_API_TimestampOverride: + description: Sets the time field used to query indices + type: string + Security_Solution_Detections_API_TimestampOverrideFallbackDisabled: + description: Disables the fallback to the event's @timestamp field + type: boolean + Security_Solution_Detections_API_UUID: + description: A universally unique identifier + format: uuid + type: string + Security_Solution_Detections_API_WarningSchema: + type: object + properties: + actionPath: + type: string + buttonLabel: + type: string + message: + type: string + type: + type: string + required: + - type + - message + - actionPath + Security_Solution_Endpoint_Exceptions_API_EndpointList: + oneOf: + - $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_ExceptionList + - additionalProperties: false + type: object + Security_Solution_Endpoint_Exceptions_API_EndpointListItem: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_ExceptionListItem + Security_Solution_Endpoint_Exceptions_API_ExceptionList: + type: object + properties: + _version: + type: string + created_at: + format: date-time + type: string + created_by: + type: string + description: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_ExceptionListDescription + id: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_ExceptionListId + immutable: + type: boolean + list_id: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_ExceptionListHumanId + meta: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_ExceptionListMeta + name: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_ExceptionListName + namespace_type: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_ExceptionNamespaceType + os_types: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_ExceptionListOsTypeArray + tags: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_ExceptionListTags + tie_breaker_id: + type: string + type: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_ExceptionListType + updated_at: + format: date-time + type: string + updated_by: + type: string + version: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_ExceptionListVersion + required: + - id + - list_id + - type + - name + - description + - immutable + - namespace_type + - version + - tie_breaker_id + - created_at + - created_by + - updated_at + - updated_by + Security_Solution_Endpoint_Exceptions_API_ExceptionListDescription: + type: string + Security_Solution_Endpoint_Exceptions_API_ExceptionListHumanId: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_NonEmptyString + description: Human readable string identifier, e.g. `trusted-linux-processes` + Security_Solution_Endpoint_Exceptions_API_ExceptionListId: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_NonEmptyString + Security_Solution_Endpoint_Exceptions_API_ExceptionListItem: + type: object + properties: + _version: + type: string + comments: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_ExceptionListItemCommentArray + created_at: + format: date-time + type: string + created_by: + type: string + description: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_ExceptionListItemDescription + entries: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_ExceptionListItemEntryArray + expire_time: + format: date-time + type: string + id: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_ExceptionListItemId + item_id: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_ExceptionListItemHumanId + list_id: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_ExceptionListHumanId + meta: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_ExceptionListItemMeta + name: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_ExceptionListItemName + namespace_type: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_ExceptionNamespaceType + os_types: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_ExceptionListItemOsTypeArray + tags: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_ExceptionListItemTags + tie_breaker_id: + type: string + type: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_ExceptionListItemType + updated_at: + format: date-time + type: string + updated_by: + type: string + required: + - id + - item_id + - list_id + - type + - name + - description + - entries + - namespace_type + - comments + - tie_breaker_id + - created_at + - created_by + - updated_at + - updated_by + Security_Solution_Endpoint_Exceptions_API_ExceptionListItemComment: + type: object + properties: + comment: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_NonEmptyString + created_at: + format: date-time + type: string + created_by: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_NonEmptyString + id: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_NonEmptyString + updated_at: + format: date-time + type: string + updated_by: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_NonEmptyString + required: + - id + - comment + - created_at + - created_by + Security_Solution_Endpoint_Exceptions_API_ExceptionListItemCommentArray: + items: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_ExceptionListItemComment + type: array + Security_Solution_Endpoint_Exceptions_API_ExceptionListItemDescription: + type: string + Security_Solution_Endpoint_Exceptions_API_ExceptionListItemEntry: + anyOf: + - $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_ExceptionListItemEntryMatch + - $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_ExceptionListItemEntryMatchAny + - $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_ExceptionListItemEntryList + - $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_ExceptionListItemEntryExists + - $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_ExceptionListItemEntryNested + - $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_ExceptionListItemEntryMatchWildcard + discriminator: + propertyName: type + Security_Solution_Endpoint_Exceptions_API_ExceptionListItemEntryArray: + items: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_ExceptionListItemEntry + type: array + Security_Solution_Endpoint_Exceptions_API_ExceptionListItemEntryExists: + type: object + properties: + field: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_NonEmptyString + operator: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_ExceptionListItemEntryOperator + type: + enum: + - exists + type: string + required: + - type + - field + - operator + Security_Solution_Endpoint_Exceptions_API_ExceptionListItemEntryList: + type: object + properties: + field: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_NonEmptyString + list: + type: object + properties: + id: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_ListId + type: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_ListType + required: + - id + - type + operator: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_ExceptionListItemEntryOperator + type: + enum: + - list + type: string + required: + - type + - field + - list + - operator + Security_Solution_Endpoint_Exceptions_API_ExceptionListItemEntryMatch: + type: object + properties: + field: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_NonEmptyString + operator: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_ExceptionListItemEntryOperator + type: + enum: + - match + type: string + value: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_NonEmptyString + required: + - type + - field + - value + - operator + Security_Solution_Endpoint_Exceptions_API_ExceptionListItemEntryMatchAny: + type: object + properties: + field: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_NonEmptyString + operator: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_ExceptionListItemEntryOperator + type: + enum: + - match_any + type: string + value: + items: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_NonEmptyString + minItems: 1 + type: array + required: + - type + - field + - value + - operator + Security_Solution_Endpoint_Exceptions_API_ExceptionListItemEntryMatchWildcard: + type: object + properties: + field: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_NonEmptyString + operator: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_ExceptionListItemEntryOperator + type: + enum: + - wildcard + type: string + value: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_NonEmptyString + required: + - type + - field + - value + - operator + Security_Solution_Endpoint_Exceptions_API_ExceptionListItemEntryNested: + type: object + properties: + entries: + items: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_ExceptionListItemEntryNestedEntryItem + minItems: 1 + type: array + field: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_NonEmptyString + type: + enum: + - nested + type: string + required: + - type + - field + - entries + Security_Solution_Endpoint_Exceptions_API_ExceptionListItemEntryNestedEntryItem: + oneOf: + - $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_ExceptionListItemEntryMatch + - $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_ExceptionListItemEntryMatchAny + - $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_ExceptionListItemEntryExists + Security_Solution_Endpoint_Exceptions_API_ExceptionListItemEntryOperator: + enum: + - excluded + - included + type: string + Security_Solution_Endpoint_Exceptions_API_ExceptionListItemHumanId: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_NonEmptyString + Security_Solution_Endpoint_Exceptions_API_ExceptionListItemId: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_NonEmptyString + Security_Solution_Endpoint_Exceptions_API_ExceptionListItemMeta: + additionalProperties: true + type: object + Security_Solution_Endpoint_Exceptions_API_ExceptionListItemName: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_NonEmptyString + Security_Solution_Endpoint_Exceptions_API_ExceptionListItemOsTypeArray: + items: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_ExceptionListOsType + type: array + Security_Solution_Endpoint_Exceptions_API_ExceptionListItemTags: + items: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_NonEmptyString + type: array + Security_Solution_Endpoint_Exceptions_API_ExceptionListItemType: + enum: + - simple + type: string + Security_Solution_Endpoint_Exceptions_API_ExceptionListMeta: + additionalProperties: true + type: object + Security_Solution_Endpoint_Exceptions_API_ExceptionListName: + type: string + Security_Solution_Endpoint_Exceptions_API_ExceptionListOsType: + enum: + - linux + - macos + - windows + type: string + Security_Solution_Endpoint_Exceptions_API_ExceptionListOsTypeArray: + items: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_ExceptionListOsType + type: array + Security_Solution_Endpoint_Exceptions_API_ExceptionListTags: + items: + type: string + type: array + Security_Solution_Endpoint_Exceptions_API_ExceptionListType: + enum: + - detection + - rule_default + - endpoint + - endpoint_trusted_apps + - endpoint_events + - endpoint_host_isolation_exceptions + - endpoint_blocklists + type: string + Security_Solution_Endpoint_Exceptions_API_ExceptionListVersion: + minimum: 1 + type: integer + Security_Solution_Endpoint_Exceptions_API_ExceptionNamespaceType: + description: > + Determines whether the exception container is available in all Kibana + spaces or just the space + + in which it is created, where: + + + - `single`: Only available in the Kibana space in which it is created. + + - `agnostic`: Available in all Kibana spaces. + enum: + - agnostic + - single + type: string + Security_Solution_Endpoint_Exceptions_API_FindEndpointListItemsFilter: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_NonEmptyString + Security_Solution_Endpoint_Exceptions_API_ListId: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Exceptions_API_NonEmptyString + Security_Solution_Endpoint_Exceptions_API_ListType: + enum: + - binary + - boolean + - byte + - date + - date_nanos + - date_range + - double + - double_range + - float + - float_range + - geo_point + - geo_shape + - half_float + - integer + - integer_range + - ip + - ip_range + - keyword + - long + - long_range + - shape + - short + - text + type: string + Security_Solution_Endpoint_Exceptions_API_NonEmptyString: + description: A string that is not empty and does not contain only whitespace + minLength: 1 + pattern: ^(?! *$).+$ + type: string + Security_Solution_Endpoint_Exceptions_API_PlatformErrorResponse: + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: integer + required: + - statusCode + - error + - message + Security_Solution_Endpoint_Exceptions_API_SiemErrorResponse: + type: object + properties: + message: + type: string + status_code: + type: integer + required: + - status_code + - message + Security_Solution_Endpoint_Management_API_ActionLogRequestQuery: + type: object + properties: + end_date: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_EndDate + page: + $ref: '#/components/schemas/Security_Solution_Endpoint_Management_API_Page' + page_size: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_PageSize + start_date: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_StartDate + Security_Solution_Endpoint_Management_API_ActionStateSuccessResponse: + type: object + properties: + body: + type: object + properties: + data: + type: object + properties: + canEncrypt: + type: boolean + required: + - data + required: + - body + Security_Solution_Endpoint_Management_API_ActionStatusSuccessResponse: + type: object + properties: + body: + type: object + properties: + data: + type: object + properties: + agent_id: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_AgentId + pending_actions: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_PendingActionsSchema + required: + - agent_id + - pending_actions + required: + - data + required: + - body + Security_Solution_Endpoint_Management_API_AgentId: + description: Agent ID + type: string + Security_Solution_Endpoint_Management_API_AgentIds: + minLength: 1 + oneOf: + - items: + minLength: 1 + type: string + maxItems: 50 + minItems: 1 + type: array + - minLength: 1 + type: string + Security_Solution_Endpoint_Management_API_AgentTypes: + enum: + - endpoint + - sentinel_one + - crowdstrike + type: string + Security_Solution_Endpoint_Management_API_AlertIds: + description: A list of alerts ids. + items: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_NonEmptyString + minItems: 1 + type: array + Security_Solution_Endpoint_Management_API_CaseIds: + description: Case IDs to be updated (cannot contain empty strings) + items: + minLength: 1 + type: string + minItems: 1 + type: array + Security_Solution_Endpoint_Management_API_Command: + description: The command to be executed (cannot be an empty string) + enum: + - isolate + - unisolate + - kill-process + - suspend-process + - running-processes + - get-file + - execute + - upload + - scan + minLength: 1 + type: string + Security_Solution_Endpoint_Management_API_Commands: + items: + $ref: '#/components/schemas/Security_Solution_Endpoint_Management_API_Command' + type: array + Security_Solution_Endpoint_Management_API_Comment: + description: Optional comment + type: string + Security_Solution_Endpoint_Management_API_EndDate: + description: End date + type: string + Security_Solution_Endpoint_Management_API_EndpointIds: + description: List of endpoint IDs (cannot contain empty strings) + items: + minLength: 1 + type: string + minItems: 1 + type: array + Security_Solution_Endpoint_Management_API_EntityId: + type: object + properties: + entity_id: + minLength: 1 + type: string + Security_Solution_Endpoint_Management_API_ExecuteRouteRequestBody: + allOf: + - type: object + properties: + agent_type: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_AgentTypes + alert_ids: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_AlertIds + case_ids: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_CaseIds + comment: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_Comment + endpoint_ids: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_EndpointIds + parameters: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_Parameters + required: + - endpoint_ids + - type: object + properties: + parameters: + type: object + properties: + command: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_Command + timeout: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_Timeout + required: + - command + required: + - parameters + Security_Solution_Endpoint_Management_API_GetEndpointActionListRouteQuery: + type: object + properties: + agentIds: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_AgentIds + agentTypes: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_AgentTypes + commands: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_Commands + endDate: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_EndDate + page: + $ref: '#/components/schemas/Security_Solution_Endpoint_Management_API_Page' + pageSize: + default: 10 + description: Number of items per page + maximum: 10000 + minimum: 1 + type: integer + startDate: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_StartDate + types: + $ref: '#/components/schemas/Security_Solution_Endpoint_Management_API_Types' + userIds: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_UserIds + withOutputs: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_WithOutputs + Security_Solution_Endpoint_Management_API_GetFileRouteRequestBody: + allOf: + - type: object + properties: + agent_type: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_AgentTypes + alert_ids: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_AlertIds + case_ids: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_CaseIds + comment: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_Comment + endpoint_ids: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_EndpointIds + parameters: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_Parameters + required: + - endpoint_ids + - type: object + properties: + parameters: + type: object + properties: + path: + type: string + required: + - path + required: + - parameters + Security_Solution_Endpoint_Management_API_GetProcessesRouteRequestBody: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_NoParametersRequestSchema + Security_Solution_Endpoint_Management_API_IsolateRouteRequestBody: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_NoParametersRequestSchema + Security_Solution_Endpoint_Management_API_KillProcessRouteRequestBody: + allOf: + - type: object + properties: + agent_type: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_AgentTypes + alert_ids: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_AlertIds + case_ids: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_CaseIds + comment: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_Comment + endpoint_ids: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_EndpointIds + parameters: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_Parameters + required: + - endpoint_ids + - type: object + properties: + parameters: + oneOf: + - $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_Pid + - $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_EntityId + - type: object + properties: + process_name: + description: Valid for SentinelOne agent type only + minLength: 1 + type: string + required: + - parameters + Security_Solution_Endpoint_Management_API_ListRequestQuery: + type: object + properties: + hostStatuses: + items: + enum: + - healthy + - offline + - updating + - inactive + - unenrolled + type: string + type: array + kuery: + nullable: true + type: string + page: + default: 0 + description: Page number + minimum: 0 + type: integer + pageSize: + default: 10 + description: Number of items per page + maximum: 10000 + minimum: 1 + type: integer + sortDirection: + enum: + - asc + - desc + nullable: true + type: string + sortField: + enum: + - enrolled_at + - metadata.host.hostname + - host_status + - metadata.Endpoint.policy.applied.name + - metadata.Endpoint.policy.applied.status + - metadata.host.os.name + - metadata.host.ip + - metadata.agent.version + - last_checkin + type: string + required: + - hostStatuses + Security_Solution_Endpoint_Management_API_NonEmptyString: + description: A string that is not empty and does not contain only whitespace + minLength: 1 + pattern: ^(?! *$).+$ + type: string + Security_Solution_Endpoint_Management_API_NoParametersRequestSchema: + type: object + properties: + body: + type: object + properties: + agent_type: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_AgentTypes + alert_ids: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_AlertIds + case_ids: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_CaseIds + comment: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_Comment + endpoint_ids: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_EndpointIds + parameters: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_Parameters + required: + - endpoint_ids + required: + - body + Security_Solution_Endpoint_Management_API_Page: + default: 1 + description: Page number + minimum: 1 + type: integer + Security_Solution_Endpoint_Management_API_PageSize: + default: 10 + description: Number of items per page + maximum: 100 + minimum: 1 + type: integer + Security_Solution_Endpoint_Management_API_Parameters: + description: Optional parameters object + type: object + Security_Solution_Endpoint_Management_API_PendingActionDataType: + type: integer + Security_Solution_Endpoint_Management_API_PendingActionsSchema: + oneOf: + - type: object + properties: + execute: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_PendingActionDataType + get-file: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_PendingActionDataType + isolate: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_PendingActionDataType + kill-process: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_PendingActionDataType + running-processes: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_PendingActionDataType + scan: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_PendingActionDataType + suspend-process: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_PendingActionDataType + unisolate: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_PendingActionDataType + upload: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_PendingActionDataType + - additionalProperties: true + type: object + Security_Solution_Endpoint_Management_API_Pid: + type: object + properties: + pid: + minimum: 1 + type: integer + Security_Solution_Endpoint_Management_API_ProtectionUpdatesNoteResponse: + type: object + properties: + note: + type: string + Security_Solution_Endpoint_Management_API_ScanRouteRequestBody: + allOf: + - type: object + properties: + agent_type: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_AgentTypes + alert_ids: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_AlertIds + case_ids: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_CaseIds + comment: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_Comment + endpoint_ids: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_EndpointIds + parameters: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_Parameters + required: + - endpoint_ids + - type: object + properties: + parameters: + type: object + properties: + path: + type: string + required: + - path + required: + - parameters + Security_Solution_Endpoint_Management_API_StartDate: + description: Start date + type: string + Security_Solution_Endpoint_Management_API_SuccessResponse: + type: object + properties: {} + Security_Solution_Endpoint_Management_API_SuspendProcessRouteRequestBody: + allOf: + - type: object + properties: + agent_type: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_AgentTypes + alert_ids: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_AlertIds + case_ids: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_CaseIds + comment: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_Comment + endpoint_ids: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_EndpointIds + parameters: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_Parameters + required: + - endpoint_ids + - type: object + properties: + parameters: + oneOf: + - $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_Pid + - $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_EntityId + required: + - parameters + Security_Solution_Endpoint_Management_API_Timeout: + description: The maximum timeout value in milliseconds (optional) + minimum: 1 + type: integer + Security_Solution_Endpoint_Management_API_Type: + description: Type of response action + enum: + - automated + - manual + type: string + Security_Solution_Endpoint_Management_API_Types: + description: List of types of response actions + items: + $ref: '#/components/schemas/Security_Solution_Endpoint_Management_API_Type' + maxLength: 2 + minLength: 1 + type: array + Security_Solution_Endpoint_Management_API_UnisolateRouteRequestBody: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_NoParametersRequestSchema + Security_Solution_Endpoint_Management_API_UploadRouteRequestBody: + allOf: + - type: object + properties: + agent_type: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_AgentTypes + alert_ids: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_AlertIds + case_ids: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_CaseIds + comment: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_Comment + endpoint_ids: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_EndpointIds + parameters: + $ref: >- + #/components/schemas/Security_Solution_Endpoint_Management_API_Parameters + required: + - endpoint_ids + - type: object + properties: + file: + format: binary + type: string + parameters: + type: object + properties: + overwrite: + default: false + type: boolean + required: + - parameters + - file + Security_Solution_Endpoint_Management_API_UserIds: + description: User IDs + oneOf: + - items: + minLength: 1 + type: string + minItems: 1 + type: array + - minLength: 1 + type: string + Security_Solution_Endpoint_Management_API_WithOutputs: + description: Shows detailed outputs for an action response + oneOf: + - items: + minLength: 1 + type: string + minItems: 1 + type: array + - minLength: 1 + type: string + Security_Solution_Entity_Analytics_API_AssetCriticalityBulkUploadErrorItem: + type: object + properties: + index: + type: integer + message: + type: string + required: + - message + - index + Security_Solution_Entity_Analytics_API_AssetCriticalityBulkUploadStats: + type: object + properties: + failed: + type: integer + successful: + type: integer + total: + type: integer + required: + - successful + - failed + - total + Security_Solution_Entity_Analytics_API_AssetCriticalityLevel: + description: The criticality level of the asset. + enum: + - low_impact + - medium_impact + - high_impact + - extreme_impact + type: string + Security_Solution_Entity_Analytics_API_AssetCriticalityRecord: + allOf: + - $ref: >- + #/components/schemas/Security_Solution_Entity_Analytics_API_CreateAssetCriticalityRecord + - type: object + properties: + '@timestamp': + description: The time the record was created or updated. + example: '2017-07-21T17:32:28Z' + format: date-time + type: string + required: + - '@timestamp' + Security_Solution_Entity_Analytics_API_AssetCriticalityRecordIdParts: + type: object + properties: + id_field: + $ref: '#/components/schemas/Security_Solution_Entity_Analytics_API_IdField' + description: The field representing the ID. + example: host.name + id_value: + description: The ID value of the asset. + type: string + required: + - id_value + - id_field + Security_Solution_Entity_Analytics_API_CreateAssetCriticalityRecord: + allOf: + - $ref: >- + #/components/schemas/Security_Solution_Entity_Analytics_API_AssetCriticalityRecordIdParts + - type: object + properties: + criticality_level: + $ref: >- + #/components/schemas/Security_Solution_Entity_Analytics_API_AssetCriticalityLevel + required: + - criticality_level + Security_Solution_Entity_Analytics_API_EngineDescriptor: + type: object + properties: + filter: + type: string + indexPattern: + $ref: >- + #/components/schemas/Security_Solution_Entity_Analytics_API_IndexPattern + status: + $ref: >- + #/components/schemas/Security_Solution_Entity_Analytics_API_EngineStatus + type: + $ref: >- + #/components/schemas/Security_Solution_Entity_Analytics_API_EntityType + Security_Solution_Entity_Analytics_API_EngineStatus: + enum: + - installing + - started + - stopped + type: string + Security_Solution_Entity_Analytics_API_Entity: + oneOf: + - $ref: >- + #/components/schemas/Security_Solution_Entity_Analytics_API_UserEntity + - $ref: >- + #/components/schemas/Security_Solution_Entity_Analytics_API_HostEntity + Security_Solution_Entity_Analytics_API_EntityType: + enum: + - user + - host + type: string + Security_Solution_Entity_Analytics_API_HostEntity: + type: object + properties: + entity: + type: object + properties: + definitionId: + type: string + definitionVersion: + type: string + displayName: + type: string + firstSeenTimestamp: + format: date-time + type: string + id: + type: string + identityFields: + items: + type: string + type: array + lastSeenTimestamp: + format: date-time + type: string + schemaVersion: + type: string + type: + enum: + - node + type: string + required: + - lastSeenTimestamp + - schemaVersion + - definitionVersion + - displayName + - identityFields + - id + - type + - firstSeenTimestamp + - definitionId + host: + type: object + properties: + architecture: + items: + type: string + type: array + domain: + items: + type: string + type: array + hostname: + items: + type: string + type: array + id: + items: + type: string + type: array + ip: + items: + type: string + type: array + mac: + items: + type: string + type: array + name: + type: string + type: + items: + type: string + type: array + required: + - name + Security_Solution_Entity_Analytics_API_IdField: + enum: + - host.name + - user.name + type: string + Security_Solution_Entity_Analytics_API_IndexPattern: + type: string + Security_Solution_Entity_Analytics_API_InspectQuery: + type: object + properties: + dsl: + items: + type: string + type: array + response: + items: + type: string + type: array + required: + - dsl + - response + Security_Solution_Entity_Analytics_API_RiskEngineScheduleNowErrorResponse: + type: object + properties: + full_error: + type: string + message: + type: string + required: + - message + - full_error + Security_Solution_Entity_Analytics_API_RiskEngineScheduleNowResponse: + type: object + properties: + success: + type: boolean + Security_Solution_Entity_Analytics_API_TaskManagerUnavailableResponse: + description: Task manager is unavailable + type: object + properties: + message: + type: string + status_code: + minimum: 400 + type: integer + required: + - status_code + - message + Security_Solution_Entity_Analytics_API_UserEntity: + type: object + properties: + entity: + type: object + properties: + definitionId: + type: string + definitionVersion: + type: string + displayName: + type: string + firstSeenTimestamp: + format: date-time + type: string + id: + type: string + identityFields: + items: + type: string + type: array + lastSeenTimestamp: + format: date-time + type: string + schemaVersion: + type: string + type: + enum: + - node + type: string + required: + - lastSeenTimestamp + - schemaVersion + - definitionVersion + - displayName + - identityFields + - id + - type + - firstSeenTimestamp + - definitionId + user: + type: object + properties: + domain: + items: + type: string + type: array + email: + items: + type: string + type: array + full_name: + items: + type: string + type: array + hash: + items: + type: string + type: array + id: + items: + type: string + type: array + name: + type: string + roles: + items: + type: string + type: array + required: + - name + Security_Solution_Exceptions_API_CreateExceptionListItemComment: + type: object + properties: + comment: + $ref: '#/components/schemas/Security_Solution_Exceptions_API_NonEmptyString' + required: + - comment + Security_Solution_Exceptions_API_CreateExceptionListItemCommentArray: + items: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_CreateExceptionListItemComment + type: array + Security_Solution_Exceptions_API_CreateRuleExceptionListItemComment: + type: object + properties: + comment: + $ref: '#/components/schemas/Security_Solution_Exceptions_API_NonEmptyString' + required: + - comment + Security_Solution_Exceptions_API_CreateRuleExceptionListItemCommentArray: + items: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_CreateRuleExceptionListItemComment + type: array + Security_Solution_Exceptions_API_CreateRuleExceptionListItemProps: + type: object + properties: + comments: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_CreateRuleExceptionListItemCommentArray + default: [] + description: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListItemDescription + entries: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListItemEntryArray + expire_time: + format: date-time + type: string + item_id: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListItemHumanId + meta: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListItemMeta + name: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListItemName + namespace_type: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionNamespaceType + default: single + os_types: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListItemOsTypeArray + default: [] + tags: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListItemTags + default: [] + type: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListItemType + required: + - type + - name + - description + - entries + Security_Solution_Exceptions_API_ExceptionList: + type: object + properties: + _version: + type: string + created_at: + format: date-time + type: string + created_by: + type: string + description: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListDescription + id: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListId + immutable: + type: boolean + list_id: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListHumanId + meta: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListMeta + name: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListName + namespace_type: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionNamespaceType + os_types: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListOsTypeArray + tags: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListTags + tie_breaker_id: + type: string + type: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListType + updated_at: + format: date-time + type: string + updated_by: + type: string + version: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListVersion + required: + - id + - list_id + - type + - name + - description + - immutable + - namespace_type + - version + - tie_breaker_id + - created_at + - created_by + - updated_at + - updated_by + Security_Solution_Exceptions_API_ExceptionListDescription: + type: string + Security_Solution_Exceptions_API_ExceptionListHumanId: + $ref: '#/components/schemas/Security_Solution_Exceptions_API_NonEmptyString' + description: Human readable string identifier, e.g. `trusted-linux-processes` + Security_Solution_Exceptions_API_ExceptionListId: + $ref: '#/components/schemas/Security_Solution_Exceptions_API_NonEmptyString' + Security_Solution_Exceptions_API_ExceptionListItem: + type: object + properties: + _version: + type: string + comments: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListItemCommentArray + created_at: + format: date-time + type: string + created_by: + type: string + description: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListItemDescription + entries: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListItemEntryArray + expire_time: + format: date-time + type: string + id: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListItemId + item_id: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListItemHumanId + list_id: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListHumanId + meta: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListItemMeta + name: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListItemName + namespace_type: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionNamespaceType + os_types: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListItemOsTypeArray + tags: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListItemTags + tie_breaker_id: + type: string + type: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListItemType + updated_at: + format: date-time + type: string + updated_by: + type: string + required: + - id + - item_id + - list_id + - type + - name + - description + - entries + - namespace_type + - comments + - tie_breaker_id + - created_at + - created_by + - updated_at + - updated_by + Security_Solution_Exceptions_API_ExceptionListItemComment: + type: object + properties: + comment: + $ref: '#/components/schemas/Security_Solution_Exceptions_API_NonEmptyString' + created_at: + format: date-time + type: string + created_by: + $ref: '#/components/schemas/Security_Solution_Exceptions_API_NonEmptyString' + id: + $ref: '#/components/schemas/Security_Solution_Exceptions_API_NonEmptyString' + updated_at: + format: date-time + type: string + updated_by: + $ref: '#/components/schemas/Security_Solution_Exceptions_API_NonEmptyString' + required: + - id + - comment + - created_at + - created_by + Security_Solution_Exceptions_API_ExceptionListItemCommentArray: + items: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListItemComment + type: array + Security_Solution_Exceptions_API_ExceptionListItemDescription: + type: string + Security_Solution_Exceptions_API_ExceptionListItemEntry: + anyOf: + - $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListItemEntryMatch + - $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListItemEntryMatchAny + - $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListItemEntryList + - $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListItemEntryExists + - $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListItemEntryNested + - $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListItemEntryMatchWildcard + discriminator: + propertyName: type + Security_Solution_Exceptions_API_ExceptionListItemEntryArray: + items: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListItemEntry + type: array + Security_Solution_Exceptions_API_ExceptionListItemEntryExists: + type: object + properties: + field: + $ref: '#/components/schemas/Security_Solution_Exceptions_API_NonEmptyString' + operator: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListItemEntryOperator + type: + enum: + - exists + type: string + required: + - type + - field + - operator + Security_Solution_Exceptions_API_ExceptionListItemEntryList: + type: object + properties: + field: + $ref: '#/components/schemas/Security_Solution_Exceptions_API_NonEmptyString' + list: + type: object + properties: + id: + $ref: '#/components/schemas/Security_Solution_Exceptions_API_ListId' + type: + $ref: '#/components/schemas/Security_Solution_Exceptions_API_ListType' + required: + - id + - type + operator: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListItemEntryOperator + type: + enum: + - list + type: string + required: + - type + - field + - list + - operator + Security_Solution_Exceptions_API_ExceptionListItemEntryMatch: + type: object + properties: + field: + $ref: '#/components/schemas/Security_Solution_Exceptions_API_NonEmptyString' + operator: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListItemEntryOperator + type: + enum: + - match + type: string + value: + $ref: '#/components/schemas/Security_Solution_Exceptions_API_NonEmptyString' + required: + - type + - field + - value + - operator + Security_Solution_Exceptions_API_ExceptionListItemEntryMatchAny: + type: object + properties: + field: + $ref: '#/components/schemas/Security_Solution_Exceptions_API_NonEmptyString' + operator: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListItemEntryOperator + type: + enum: + - match_any + type: string + value: + items: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_NonEmptyString + minItems: 1 + type: array + required: + - type + - field + - value + - operator + Security_Solution_Exceptions_API_ExceptionListItemEntryMatchWildcard: + type: object + properties: + field: + $ref: '#/components/schemas/Security_Solution_Exceptions_API_NonEmptyString' + operator: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListItemEntryOperator + type: + enum: + - wildcard + type: string + value: + $ref: '#/components/schemas/Security_Solution_Exceptions_API_NonEmptyString' + required: + - type + - field + - value + - operator + Security_Solution_Exceptions_API_ExceptionListItemEntryNested: + type: object + properties: + entries: + items: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListItemEntryNestedEntryItem + minItems: 1 + type: array + field: + $ref: '#/components/schemas/Security_Solution_Exceptions_API_NonEmptyString' + type: + enum: + - nested + type: string + required: + - type + - field + - entries + Security_Solution_Exceptions_API_ExceptionListItemEntryNestedEntryItem: + oneOf: + - $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListItemEntryMatch + - $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListItemEntryMatchAny + - $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListItemEntryExists + Security_Solution_Exceptions_API_ExceptionListItemEntryOperator: + enum: + - excluded + - included + type: string + Security_Solution_Exceptions_API_ExceptionListItemHumanId: + $ref: '#/components/schemas/Security_Solution_Exceptions_API_NonEmptyString' + Security_Solution_Exceptions_API_ExceptionListItemId: + $ref: '#/components/schemas/Security_Solution_Exceptions_API_NonEmptyString' + Security_Solution_Exceptions_API_ExceptionListItemMeta: + additionalProperties: true + type: object + Security_Solution_Exceptions_API_ExceptionListItemName: + $ref: '#/components/schemas/Security_Solution_Exceptions_API_NonEmptyString' + Security_Solution_Exceptions_API_ExceptionListItemOsTypeArray: + items: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListOsType + type: array + Security_Solution_Exceptions_API_ExceptionListItemTags: + items: + $ref: '#/components/schemas/Security_Solution_Exceptions_API_NonEmptyString' + type: array + Security_Solution_Exceptions_API_ExceptionListItemType: + enum: + - simple + type: string + Security_Solution_Exceptions_API_ExceptionListMeta: + additionalProperties: true + type: object + Security_Solution_Exceptions_API_ExceptionListName: + type: string + Security_Solution_Exceptions_API_ExceptionListOsType: + enum: + - linux + - macos + - windows + type: string + Security_Solution_Exceptions_API_ExceptionListOsTypeArray: + items: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListOsType + type: array + Security_Solution_Exceptions_API_ExceptionListsImportBulkError: + type: object + properties: + error: + type: object + properties: + message: + type: string + status_code: + type: integer + required: + - status_code + - message + id: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListId + item_id: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListItemHumanId + list_id: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListHumanId + required: + - error + Security_Solution_Exceptions_API_ExceptionListsImportBulkErrorArray: + items: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_ExceptionListsImportBulkError + type: array + Security_Solution_Exceptions_API_ExceptionListTags: + items: + type: string + type: array + Security_Solution_Exceptions_API_ExceptionListType: + enum: + - detection + - rule_default + - endpoint + - endpoint_trusted_apps + - endpoint_events + - endpoint_host_isolation_exceptions + - endpoint_blocklists + type: string + Security_Solution_Exceptions_API_ExceptionListVersion: + minimum: 1 + type: integer + Security_Solution_Exceptions_API_ExceptionNamespaceType: + description: > + Determines whether the exception container is available in all Kibana + spaces or just the space + + in which it is created, where: + + + - `single`: Only available in the Kibana space in which it is created. + + - `agnostic`: Available in all Kibana spaces. + enum: + - agnostic + - single + type: string + Security_Solution_Exceptions_API_FindExceptionListItemsFilter: + $ref: '#/components/schemas/Security_Solution_Exceptions_API_NonEmptyString' + Security_Solution_Exceptions_API_FindExceptionListsFilter: + type: string + Security_Solution_Exceptions_API_ListId: + $ref: '#/components/schemas/Security_Solution_Exceptions_API_NonEmptyString' + Security_Solution_Exceptions_API_ListType: + enum: + - binary + - boolean + - byte + - date + - date_nanos + - date_range + - double + - double_range + - float + - float_range + - geo_point + - geo_shape + - half_float + - integer + - integer_range + - ip + - ip_range + - keyword + - long + - long_range + - shape + - short + - text + type: string + Security_Solution_Exceptions_API_NonEmptyString: + description: A string that is not empty and does not contain only whitespace + minLength: 1 + pattern: ^(?! *$).+$ + type: string + Security_Solution_Exceptions_API_PlatformErrorResponse: + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: integer + required: + - statusCode + - error + - message + Security_Solution_Exceptions_API_RuleId: + $ref: '#/components/schemas/Security_Solution_Exceptions_API_UUID' + Security_Solution_Exceptions_API_SiemErrorResponse: + type: object + properties: + message: + type: string + status_code: + type: integer + required: + - status_code + - message + Security_Solution_Exceptions_API_UpdateExceptionListItemComment: + type: object + properties: + comment: + $ref: '#/components/schemas/Security_Solution_Exceptions_API_NonEmptyString' + id: + $ref: '#/components/schemas/Security_Solution_Exceptions_API_NonEmptyString' + required: + - comment + Security_Solution_Exceptions_API_UpdateExceptionListItemCommentArray: + items: + $ref: >- + #/components/schemas/Security_Solution_Exceptions_API_UpdateExceptionListItemComment + type: array + Security_Solution_Exceptions_API_UUID: + description: A universally unique identifier + format: uuid + type: string + Security_Solution_Lists_API_FindListItemsCursor: + $ref: '#/components/schemas/Security_Solution_Lists_API_NonEmptyString' + Security_Solution_Lists_API_FindListItemsFilter: + type: string + Security_Solution_Lists_API_FindListsCursor: + $ref: '#/components/schemas/Security_Solution_Lists_API_NonEmptyString' + Security_Solution_Lists_API_FindListsFilter: + type: string + Security_Solution_Lists_API_List: + type: object + properties: + _version: + type: string + '@timestamp': + format: date-time + type: string + created_at: + format: date-time + type: string + created_by: + type: string + description: + $ref: '#/components/schemas/Security_Solution_Lists_API_ListDescription' + deserializer: + type: string + id: + $ref: '#/components/schemas/Security_Solution_Lists_API_ListId' + immutable: + type: boolean + meta: + $ref: '#/components/schemas/Security_Solution_Lists_API_ListMetadata' + name: + $ref: '#/components/schemas/Security_Solution_Lists_API_ListName' + serializer: + type: string + tie_breaker_id: + type: string + type: + $ref: '#/components/schemas/Security_Solution_Lists_API_ListType' + updated_at: + format: date-time + type: string + updated_by: + type: string + version: + minimum: 1 + type: integer + required: + - id + - type + - name + - description + - immutable + - version + - tie_breaker_id + - created_at + - created_by + - updated_at + - updated_by + Security_Solution_Lists_API_ListDescription: + $ref: '#/components/schemas/Security_Solution_Lists_API_NonEmptyString' + Security_Solution_Lists_API_ListId: + $ref: '#/components/schemas/Security_Solution_Lists_API_NonEmptyString' + Security_Solution_Lists_API_ListItem: + type: object + properties: + _version: + type: string + '@timestamp': + format: date-time + type: string + created_at: + format: date-time + type: string + created_by: + type: string + deserializer: + type: string + id: + $ref: '#/components/schemas/Security_Solution_Lists_API_ListItemId' + list_id: + $ref: '#/components/schemas/Security_Solution_Lists_API_ListId' + meta: + $ref: '#/components/schemas/Security_Solution_Lists_API_ListItemMetadata' + serializer: + type: string + tie_breaker_id: + type: string + type: + $ref: '#/components/schemas/Security_Solution_Lists_API_ListType' + updated_at: + format: date-time + type: string + updated_by: + type: string + value: + $ref: '#/components/schemas/Security_Solution_Lists_API_ListItemValue' + required: + - id + - type + - list_id + - value + - tie_breaker_id + - created_at + - created_by + - updated_at + - updated_by + Security_Solution_Lists_API_ListItemId: + $ref: '#/components/schemas/Security_Solution_Lists_API_NonEmptyString' + Security_Solution_Lists_API_ListItemMetadata: + additionalProperties: true + type: object + Security_Solution_Lists_API_ListItemPrivileges: + type: object + properties: + application: + additionalProperties: + type: boolean + type: object + cluster: + additionalProperties: + type: boolean + type: object + has_all_requested: + type: boolean + index: + additionalProperties: + additionalProperties: + type: boolean + type: object + type: object + username: + type: string + required: + - username + - has_all_requested + - cluster + - index + - application + Security_Solution_Lists_API_ListItemValue: + $ref: '#/components/schemas/Security_Solution_Lists_API_NonEmptyString' + Security_Solution_Lists_API_ListMetadata: + additionalProperties: true + type: object + Security_Solution_Lists_API_ListName: + $ref: '#/components/schemas/Security_Solution_Lists_API_NonEmptyString' + Security_Solution_Lists_API_ListPrivileges: + type: object + properties: + application: + additionalProperties: + type: boolean + type: object + cluster: + additionalProperties: + type: boolean + type: object + has_all_requested: + type: boolean + index: + additionalProperties: + additionalProperties: + type: boolean + type: object + type: object + username: + type: string + required: + - username + - has_all_requested + - cluster + - index + - application + Security_Solution_Lists_API_ListType: + enum: + - binary + - boolean + - byte + - date + - date_nanos + - date_range + - double + - double_range + - float + - float_range + - geo_point + - geo_shape + - half_float + - integer + - integer_range + - ip + - ip_range + - keyword + - long + - long_range + - shape + - short + - text + type: string + Security_Solution_Lists_API_NonEmptyString: + description: A string that is not empty and does not contain only whitespace + minLength: 1 + pattern: ^(?! *$).+$ + type: string + Security_Solution_Lists_API_PlatformErrorResponse: + type: object + properties: + error: + type: string + message: + type: string + statusCode: + type: integer + required: + - statusCode + - error + - message + Security_Solution_Lists_API_SiemErrorResponse: + type: object + properties: + message: + type: string + status_code: + type: integer + required: + - status_code + - message + Security_Solution_Osquery_API_ArrayQueries: + items: + $ref: '#/components/schemas/Security_Solution_Osquery_API_ArrayQueriesItem' + type: array + Security_Solution_Osquery_API_ArrayQueriesItem: + type: object + properties: + ecs_mapping: + $ref: >- + #/components/schemas/Security_Solution_Osquery_API_ECSMappingOrUndefined + id: + $ref: '#/components/schemas/Security_Solution_Osquery_API_Id' + platform: + $ref: >- + #/components/schemas/Security_Solution_Osquery_API_PlatformOrUndefined + query: + $ref: '#/components/schemas/Security_Solution_Osquery_API_Query' + removed: + $ref: >- + #/components/schemas/Security_Solution_Osquery_API_RemovedOrUndefined + snapshot: + $ref: >- + #/components/schemas/Security_Solution_Osquery_API_SnapshotOrUndefined + version: + $ref: >- + #/components/schemas/Security_Solution_Osquery_API_VersionOrUndefined + Security_Solution_Osquery_API_CreateLiveQueryRequestBody: + type: object + properties: + agent_all: + type: boolean + agent_ids: + items: + type: string + type: array + agent_platforms: + items: + type: string + type: array + agent_policy_ids: + items: + type: string + type: array + alert_ids: + items: + type: string + type: array + case_ids: + items: + type: string + type: array + ecs_mapping: + $ref: >- + #/components/schemas/Security_Solution_Osquery_API_ECSMappingOrUndefined + event_ids: + items: + type: string + type: array + metadata: + nullable: true + type: object + pack_id: + $ref: '#/components/schemas/Security_Solution_Osquery_API_PackIdOrUndefined' + queries: + $ref: '#/components/schemas/Security_Solution_Osquery_API_ArrayQueries' + query: + $ref: '#/components/schemas/Security_Solution_Osquery_API_QueryOrUndefined' + saved_query_id: + $ref: >- + #/components/schemas/Security_Solution_Osquery_API_SavedQueryIdOrUndefined + Security_Solution_Osquery_API_CreatePacksRequestBody: + type: object + properties: + description: + $ref: >- + #/components/schemas/Security_Solution_Osquery_API_DescriptionOrUndefined + enabled: + $ref: >- + #/components/schemas/Security_Solution_Osquery_API_EnabledOrUndefined + name: + $ref: '#/components/schemas/Security_Solution_Osquery_API_PackName' + policy_ids: + $ref: >- + #/components/schemas/Security_Solution_Osquery_API_PolicyIdsOrUndefined + queries: + $ref: '#/components/schemas/Security_Solution_Osquery_API_ObjectQueries' + shards: + $ref: '#/components/schemas/Security_Solution_Osquery_API_Shards' + Security_Solution_Osquery_API_CreateSavedQueryRequestBody: + type: object + properties: + description: + $ref: >- + #/components/schemas/Security_Solution_Osquery_API_DescriptionOrUndefined + ecs_mapping: + $ref: >- + #/components/schemas/Security_Solution_Osquery_API_ECSMappingOrUndefined + id: + $ref: '#/components/schemas/Security_Solution_Osquery_API_SavedQueryId' + interval: + $ref: '#/components/schemas/Security_Solution_Osquery_API_Interval' + platform: + $ref: >- + #/components/schemas/Security_Solution_Osquery_API_DescriptionOrUndefined + query: + $ref: '#/components/schemas/Security_Solution_Osquery_API_QueryOrUndefined' + removed: + $ref: >- + #/components/schemas/Security_Solution_Osquery_API_RemovedOrUndefined + snapshot: + $ref: >- + #/components/schemas/Security_Solution_Osquery_API_SnapshotOrUndefined + version: + $ref: >- + #/components/schemas/Security_Solution_Osquery_API_VersionOrUndefined + Security_Solution_Osquery_API_DefaultSuccessResponse: + type: object + properties: {} + Security_Solution_Osquery_API_Description: + type: string + Security_Solution_Osquery_API_DescriptionOrUndefined: + $ref: '#/components/schemas/Security_Solution_Osquery_API_Description' + nullable: true + Security_Solution_Osquery_API_ECSMapping: + additionalProperties: + $ref: '#/components/schemas/Security_Solution_Osquery_API_ECSMappingItem' + type: object + Security_Solution_Osquery_API_ECSMappingItem: + type: object + properties: + field: + type: string + value: + oneOf: + - type: string + - items: + type: string + type: array + Security_Solution_Osquery_API_ECSMappingOrUndefined: + $ref: '#/components/schemas/Security_Solution_Osquery_API_ECSMapping' + nullable: true + Security_Solution_Osquery_API_Enabled: + type: boolean + Security_Solution_Osquery_API_EnabledOrUndefined: + $ref: '#/components/schemas/Security_Solution_Osquery_API_Enabled' + nullable: true + Security_Solution_Osquery_API_FindLiveQueryRequestQuery: + type: object + properties: + kuery: + $ref: '#/components/schemas/Security_Solution_Osquery_API_KueryOrUndefined' + page: + $ref: '#/components/schemas/Security_Solution_Osquery_API_PageOrUndefined' + pageSize: + $ref: >- + #/components/schemas/Security_Solution_Osquery_API_PageSizeOrUndefined + sort: + $ref: '#/components/schemas/Security_Solution_Osquery_API_SortOrUndefined' + sortOrder: + $ref: >- + #/components/schemas/Security_Solution_Osquery_API_SortOrderOrUndefined + Security_Solution_Osquery_API_FindPacksRequestQuery: + type: object + properties: + page: + $ref: '#/components/schemas/Security_Solution_Osquery_API_PageOrUndefined' + pageSize: + $ref: >- + #/components/schemas/Security_Solution_Osquery_API_PageSizeOrUndefined + sort: + $ref: '#/components/schemas/Security_Solution_Osquery_API_SortOrUndefined' + sortOrder: + $ref: >- + #/components/schemas/Security_Solution_Osquery_API_SortOrderOrUndefined + Security_Solution_Osquery_API_FindSavedQueryRequestQuery: + type: object + properties: + page: + $ref: '#/components/schemas/Security_Solution_Osquery_API_PageOrUndefined' + pageSize: + $ref: >- + #/components/schemas/Security_Solution_Osquery_API_PageSizeOrUndefined + sort: + $ref: '#/components/schemas/Security_Solution_Osquery_API_SortOrUndefined' + sortOrder: + $ref: >- + #/components/schemas/Security_Solution_Osquery_API_SortOrderOrUndefined + Security_Solution_Osquery_API_GetLiveQueryResultsRequestQuery: + type: object + properties: + kuery: + $ref: '#/components/schemas/Security_Solution_Osquery_API_KueryOrUndefined' + page: + $ref: '#/components/schemas/Security_Solution_Osquery_API_PageOrUndefined' + pageSize: + $ref: >- + #/components/schemas/Security_Solution_Osquery_API_PageSizeOrUndefined + sort: + $ref: '#/components/schemas/Security_Solution_Osquery_API_SortOrUndefined' + sortOrder: + $ref: >- + #/components/schemas/Security_Solution_Osquery_API_SortOrderOrUndefined + Security_Solution_Osquery_API_Id: + type: string + Security_Solution_Osquery_API_Interval: + type: string + Security_Solution_Osquery_API_IntervalOrUndefined: + $ref: '#/components/schemas/Security_Solution_Osquery_API_Interval' + nullable: true + Security_Solution_Osquery_API_KueryOrUndefined: + nullable: true + type: string + Security_Solution_Osquery_API_ObjectQueries: + additionalProperties: + $ref: '#/components/schemas/Security_Solution_Osquery_API_ObjectQueriesItem' + type: object + Security_Solution_Osquery_API_ObjectQueriesItem: + type: object + properties: + ecs_mapping: + $ref: >- + #/components/schemas/Security_Solution_Osquery_API_ECSMappingOrUndefined + id: + $ref: '#/components/schemas/Security_Solution_Osquery_API_Id' + platform: + $ref: >- + #/components/schemas/Security_Solution_Osquery_API_PlatformOrUndefined + query: + $ref: '#/components/schemas/Security_Solution_Osquery_API_Query' + removed: + $ref: >- + #/components/schemas/Security_Solution_Osquery_API_RemovedOrUndefined + saved_query_id: + $ref: >- + #/components/schemas/Security_Solution_Osquery_API_SavedQueryIdOrUndefined + snapshot: + $ref: >- + #/components/schemas/Security_Solution_Osquery_API_SnapshotOrUndefined + version: + $ref: >- + #/components/schemas/Security_Solution_Osquery_API_VersionOrUndefined + Security_Solution_Osquery_API_PackId: + type: string + Security_Solution_Osquery_API_PackIdOrUndefined: + $ref: '#/components/schemas/Security_Solution_Osquery_API_PackId' + nullable: true + Security_Solution_Osquery_API_PackName: + type: string + Security_Solution_Osquery_API_PageOrUndefined: + nullable: true + type: integer + Security_Solution_Osquery_API_PageSizeOrUndefined: + nullable: true + type: integer + Security_Solution_Osquery_API_Platform: + type: string + Security_Solution_Osquery_API_PlatformOrUndefined: + $ref: '#/components/schemas/Security_Solution_Osquery_API_Platform' + nullable: true + Security_Solution_Osquery_API_PolicyIds: + items: + type: string + type: array + Security_Solution_Osquery_API_PolicyIdsOrUndefined: + $ref: '#/components/schemas/Security_Solution_Osquery_API_PolicyIds' + nullable: true + Security_Solution_Osquery_API_Query: + type: string + Security_Solution_Osquery_API_QueryOrUndefined: + $ref: '#/components/schemas/Security_Solution_Osquery_API_Query' + nullable: true + Security_Solution_Osquery_API_Removed: + type: boolean + Security_Solution_Osquery_API_RemovedOrUndefined: + $ref: '#/components/schemas/Security_Solution_Osquery_API_Removed' + nullable: true + Security_Solution_Osquery_API_SavedQueryId: + type: string + Security_Solution_Osquery_API_SavedQueryIdOrUndefined: + $ref: '#/components/schemas/Security_Solution_Osquery_API_SavedQueryId' + nullable: true + Security_Solution_Osquery_API_Shards: + additionalProperties: + type: number + type: object + Security_Solution_Osquery_API_Snapshot: + type: boolean + Security_Solution_Osquery_API_SnapshotOrUndefined: + $ref: '#/components/schemas/Security_Solution_Osquery_API_Snapshot' + nullable: true + Security_Solution_Osquery_API_SortOrderOrUndefined: + oneOf: + - nullable: true + type: string + - enum: + - asc + - desc + Security_Solution_Osquery_API_SortOrUndefined: + nullable: true + type: string + Security_Solution_Osquery_API_UpdatePacksRequestBody: + type: object + properties: + description: + $ref: >- + #/components/schemas/Security_Solution_Osquery_API_DescriptionOrUndefined + enabled: + $ref: >- + #/components/schemas/Security_Solution_Osquery_API_EnabledOrUndefined + id: + $ref: '#/components/schemas/Security_Solution_Osquery_API_PackId' + policy_ids: + $ref: >- + #/components/schemas/Security_Solution_Osquery_API_PolicyIdsOrUndefined + queries: + $ref: '#/components/schemas/Security_Solution_Osquery_API_ObjectQueries' + shards: + $ref: '#/components/schemas/Security_Solution_Osquery_API_Shards' + Security_Solution_Osquery_API_UpdateSavedQueryRequestBody: + type: object + properties: + description: + $ref: >- + #/components/schemas/Security_Solution_Osquery_API_DescriptionOrUndefined + ecs_mapping: + $ref: >- + #/components/schemas/Security_Solution_Osquery_API_ECSMappingOrUndefined + id: + $ref: '#/components/schemas/Security_Solution_Osquery_API_SavedQueryId' + interval: + $ref: >- + #/components/schemas/Security_Solution_Osquery_API_IntervalOrUndefined + platform: + $ref: >- + #/components/schemas/Security_Solution_Osquery_API_DescriptionOrUndefined + query: + $ref: '#/components/schemas/Security_Solution_Osquery_API_QueryOrUndefined' + removed: + $ref: >- + #/components/schemas/Security_Solution_Osquery_API_RemovedOrUndefined + snapshot: + $ref: >- + #/components/schemas/Security_Solution_Osquery_API_SnapshotOrUndefined + version: + $ref: >- + #/components/schemas/Security_Solution_Osquery_API_VersionOrUndefined + Security_Solution_Osquery_API_Version: + type: string + Security_Solution_Osquery_API_VersionOrUndefined: + $ref: '#/components/schemas/Security_Solution_Osquery_API_Version' + nullable: true + Security_Solution_Timeline_API_BareNote: + type: object + properties: + created: + nullable: true + type: number + createdBy: + nullable: true + type: string + eventId: + nullable: true + type: string + note: + nullable: true + type: string + timelineId: + nullable: true + type: string + updated: + nullable: true + type: number + updatedBy: + nullable: true + type: string + required: + - timelineId + Security_Solution_Timeline_API_ColumnHeaderResult: + type: object + properties: + aggregatable: + type: boolean + category: + type: string + columnHeaderType: + type: string + description: + type: string + example: + oneOf: + - type: string + - type: number + id: + type: string + indexes: + items: + type: string + type: array + name: + type: string + placeholder: + type: string + searchable: + type: boolean + type: + type: string + Security_Solution_Timeline_API_DataProviderQueryMatch: + type: object + properties: + enabled: + nullable: true + type: boolean + excluded: + nullable: true + type: boolean + id: + nullable: true + type: string + kqlQuery: + nullable: true + type: string + name: + nullable: true + type: string + queryMatch: + $ref: '#/components/schemas/Security_Solution_Timeline_API_QueryMatchResult' + Security_Solution_Timeline_API_DataProviderResult: + type: object + properties: + and: + items: + $ref: >- + #/components/schemas/Security_Solution_Timeline_API_DataProviderQueryMatch + nullable: true + type: array + enabled: + nullable: true + type: boolean + excluded: + nullable: true + type: boolean + id: + nullable: true + type: string + kqlQuery: + nullable: true + type: string + name: + nullable: true + type: string + queryMatch: + $ref: '#/components/schemas/Security_Solution_Timeline_API_QueryMatchResult' + nullable: true + type: + $ref: '#/components/schemas/Security_Solution_Timeline_API_DataProviderType' + nullable: true + Security_Solution_Timeline_API_DataProviderType: + description: >- + The type of data provider to create. Valid values are `default` and + `template`. + enum: + - default + - template + type: string + Security_Solution_Timeline_API_DocumentIds: + oneOf: + - items: + type: string + type: array + - type: string + Security_Solution_Timeline_API_FavoriteTimelineResponse: + type: object + properties: + code: + nullable: true + type: number + favorite: + items: + $ref: >- + #/components/schemas/Security_Solution_Timeline_API_FavoriteTimelineResult + type: array + message: + nullable: true + type: string + savedObjectId: + type: string + templateTimelineId: + nullable: true + type: string + templateTimelineVersion: + nullable: true + type: number + timelineType: + $ref: '#/components/schemas/Security_Solution_Timeline_API_TimelineType' + version: + type: string + required: + - savedObjectId + - version + Security_Solution_Timeline_API_FavoriteTimelineResult: + type: object + properties: + favoriteDate: + nullable: true + type: number + fullName: + nullable: true + type: string + userName: + nullable: true + type: string + Security_Solution_Timeline_API_FilterTimelineResult: + type: object + properties: + exists: + type: boolean + match_all: + type: string + meta: + type: object + properties: + alias: + type: string + controlledBy: + type: string + disabled: + type: boolean + field: + type: string + formattedValue: + type: string + index: + type: string + key: + type: string + negate: + type: boolean + params: + type: string + type: + type: string + value: + type: string + missing: + type: string + query: + type: string + range: + type: string + script: + type: string + Security_Solution_Timeline_API_ImportTimelineResult: + type: object + properties: + errors: + items: + type: object + properties: + error: + type: object + properties: + message: + type: string + status_code: + type: number + id: + type: string + type: array + success: + type: boolean + success_count: + type: number + timelines_installed: + type: number + timelines_updated: + type: number + Security_Solution_Timeline_API_ImportTimelines: + allOf: + - $ref: '#/components/schemas/Security_Solution_Timeline_API_SavedTimeline' + - type: object + properties: + eventNotes: + items: + $ref: '#/components/schemas/Security_Solution_Timeline_API_BareNote' + nullable: true + type: array + globalNotes: + items: + $ref: '#/components/schemas/Security_Solution_Timeline_API_BareNote' + nullable: true + type: array + pinnedEventIds: + items: + type: string + nullable: true + type: array + savedObjectId: + nullable: true + type: string + version: + nullable: true + type: string + Security_Solution_Timeline_API_Note: + allOf: + - $ref: '#/components/schemas/Security_Solution_Timeline_API_BareNote' + - type: object + properties: + noteId: + type: string + version: + type: string + Security_Solution_Timeline_API_PinnedEvent: + type: object + properties: + created: + nullable: true + type: number + createdBy: + nullable: true + type: string + eventId: + type: string + pinnedEventId: + type: string + timelineId: + type: string + updated: + nullable: true + type: number + updatedBy: + nullable: true + type: string + version: + type: string + required: + - eventId + - pinnedEventId + - timelineId + - version + Security_Solution_Timeline_API_QueryMatchResult: + type: object + properties: + displayField: + nullable: true + type: string + displayValue: + nullable: true + type: string + field: + nullable: true + type: string + operator: + nullable: true + type: string + value: + nullable: true + type: string + Security_Solution_Timeline_API_Readable: + type: object + properties: + _data: + additionalProperties: true + type: object + _encoding: + type: string + _events: + additionalProperties: true + type: object + _eventsCount: + type: number + _maxListeners: + additionalProperties: true + type: object + _position: + type: number + _read: + additionalProperties: true + type: object + _readableState: + additionalProperties: true + type: object + readable: + type: boolean + Security_Solution_Timeline_API_RowRendererId: + enum: + - alert + - alerts + - auditd + - auditd_file + - library + - netflow + - plain + - registry + - suricata + - system + - system_dns + - system_endgame_process + - system_file + - system_fim + - system_security_event + - system_socket + - threat_match + - zeek + type: string + Security_Solution_Timeline_API_SavedTimeline: + type: object + properties: + columns: + items: + $ref: >- + #/components/schemas/Security_Solution_Timeline_API_ColumnHeaderResult + nullable: true + type: array + created: + nullable: true + type: number + createdBy: + nullable: true + type: string + dataProviders: + items: + $ref: >- + #/components/schemas/Security_Solution_Timeline_API_DataProviderResult + nullable: true + type: array + dataViewId: + nullable: true + type: string + dateRange: + nullable: true + type: object + properties: + end: + oneOf: + - type: string + - type: number + start: + oneOf: + - type: string + - type: number + description: + nullable: true + type: string + eqlOptions: + nullable: true + type: object + properties: + eventCategoryField: + nullable: true + type: string + query: + nullable: true + type: string + size: + oneOf: + - nullable: true + type: string + - nullable: true + type: number + tiebreakerField: + nullable: true + type: string + timestampField: + nullable: true + type: string + eventType: + nullable: true + type: string + excludedRowRendererIds: + items: + $ref: '#/components/schemas/Security_Solution_Timeline_API_RowRendererId' + nullable: true + type: array + favorite: + items: + $ref: >- + #/components/schemas/Security_Solution_Timeline_API_FavoriteTimelineResult + nullable: true + type: array + filters: + items: + $ref: >- + #/components/schemas/Security_Solution_Timeline_API_FilterTimelineResult + nullable: true + type: array + indexNames: + items: + type: string + nullable: true + type: array + kqlMode: + nullable: true + type: string + kqlQuery: + $ref: >- + #/components/schemas/Security_Solution_Timeline_API_SerializedFilterQueryResult + nullable: true + savedQueryId: + nullable: true + type: string + savedSearchId: + nullable: true + type: string + sort: + $ref: '#/components/schemas/Security_Solution_Timeline_API_Sort' + nullable: true + status: + enum: + - active + - draft + - immutable + nullable: true + type: string + templateTimelineId: + nullable: true + type: string + templateTimelineVersion: + nullable: true + type: number + timelineType: + $ref: '#/components/schemas/Security_Solution_Timeline_API_TimelineType' + nullable: true + title: + nullable: true + type: string + updated: + nullable: true + type: number + updatedBy: + nullable: true + type: string + Security_Solution_Timeline_API_SerializedFilterQueryResult: + type: object + properties: + filterQuery: + nullable: true + type: object + properties: + kuery: + nullable: true + type: object + properties: + expression: + nullable: true + type: string + kind: + nullable: true + type: string + serializedQuery: + nullable: true + type: string + Security_Solution_Timeline_API_Sort: + oneOf: + - $ref: '#/components/schemas/Security_Solution_Timeline_API_SortObject' + - items: + $ref: '#/components/schemas/Security_Solution_Timeline_API_SortObject' + type: array + Security_Solution_Timeline_API_SortFieldTimeline: + description: The field to sort the timelines by. + enum: + - title + - description + - updated + - created + type: string + Security_Solution_Timeline_API_SortObject: + type: object + properties: + columnId: + nullable: true + type: string + columnType: + nullable: true + type: string + sortDirection: + nullable: true + type: string + Security_Solution_Timeline_API_TimelineResponse: + allOf: + - $ref: '#/components/schemas/Security_Solution_Timeline_API_SavedTimeline' + - type: object + properties: + eventIdToNoteIds: + items: + $ref: '#/components/schemas/Security_Solution_Timeline_API_Note' + type: array + noteIds: + items: + type: string + type: array + notes: + items: + $ref: '#/components/schemas/Security_Solution_Timeline_API_Note' + type: array + pinnedEventIds: + items: + type: string + type: array + pinnedEventsSaveObject: + items: + $ref: >- + #/components/schemas/Security_Solution_Timeline_API_PinnedEvent + type: array + savedObjectId: + type: string + version: + type: string + required: + - savedObjectId + - version + Security_Solution_Timeline_API_TimelineStatus: + description: >- + The status of the timeline. Valid values are `active`, `draft`, and + `immutable`. + enum: + - active + - draft + - immutable + type: string + Security_Solution_Timeline_API_TimelineType: + description: >- + The type of timeline to create. Valid values are `default` and + `template`. + enum: + - default + - template + type: string + SLOs_400_response: + title: Bad request + type: object + properties: + error: + example: Bad Request + type: string + message: + example: 'Invalid value ''foo'' supplied to: [...]' + type: string + statusCode: + example: 400 + type: number + required: + - statusCode + - error + - message + SLOs_401_response: + title: Unauthorized + type: object + properties: + error: + example: Unauthorized + type: string + message: + example: "[security_exception\n\tRoot causes:\n\t\tsecurity_exception: unable to authenticate user [elastics] for REST request [/_security/_authenticate]]: unable to authenticate user [elastics] for REST request [/_security/_authenticate]" + type: string + statusCode: + example: 401 + type: number + required: + - statusCode + - error + - message + SLOs_403_response: + title: Unauthorized + type: object + properties: + error: + example: Unauthorized + type: string + message: + example: "[security_exception\n\tRoot causes:\n\t\tsecurity_exception: unable to authenticate user [elastics] for REST request [/_security/_authenticate]]: unable to authenticate user [elastics] for REST request [/_security/_authenticate]" + type: string + statusCode: + example: 403 + type: number + required: + - statusCode + - error + - message + SLOs_404_response: + title: Not found + type: object + properties: + error: + example: Not Found + type: string + message: + example: SLO [3749f390-03a3-11ee-8139-c7ff60a1692d] not found + type: string + statusCode: + example: 404 + type: number + required: + - statusCode + - error + - message + SLOs_409_response: + title: Conflict + type: object + properties: + error: + example: Conflict + type: string + message: + example: SLO [d077e940-1515-11ee-9c50-9d096392f520] already exists + type: string + statusCode: + example: 409 + type: number + required: + - statusCode + - error + - message + SLOs_budgeting_method: + description: The budgeting method to use when computing the rollup data. + enum: + - occurrences + - timeslices + example: occurrences + title: Budgeting method + type: string + SLOs_create_slo_request: + description: > + The create SLO API request body varies depending on the type of + indicator, time window and budgeting method. + properties: + budgetingMethod: + $ref: '#/components/schemas/SLOs_budgeting_method' + description: + description: A description for the SLO. + type: string + groupBy: + description: optional group by field to use to generate an SLO per distinct value + example: some.field + type: string + id: + description: >- + A optional and unique identifier for the SLO. Must be between 8 and + 36 chars + example: my-super-slo-id + type: string + indicator: + oneOf: + - $ref: '#/components/schemas/SLOs_indicator_properties_custom_kql' + - $ref: '#/components/schemas/SLOs_indicator_properties_apm_availability' + - $ref: '#/components/schemas/SLOs_indicator_properties_apm_latency' + - $ref: '#/components/schemas/SLOs_indicator_properties_custom_metric' + - $ref: '#/components/schemas/SLOs_indicator_properties_histogram' + - $ref: '#/components/schemas/SLOs_indicator_properties_timeslice_metric' + name: + description: A name for the SLO. + type: string + objective: + $ref: '#/components/schemas/SLOs_objective' + settings: + $ref: '#/components/schemas/SLOs_settings' + tags: + description: List of tags + items: + type: string + type: array + timeWindow: + $ref: '#/components/schemas/SLOs_time_window' + required: + - name + - description + - indicator + - timeWindow + - budgetingMethod + - objective + title: Create SLO request + type: object + SLOs_create_slo_response: + title: Create SLO response + type: object + properties: + id: + example: 8853df00-ae2e-11ed-90af-09bb6422b258 + type: string + required: + - id + SLOs_delete_slo_instances_request: + description: > + The delete SLO instances request takes a list of SLO id and instance id, + then delete the rollup and summary data. This API can be used to remove + the staled data of an instance SLO that no longer get updated. + properties: + list: + description: An array of slo id and instance id + items: + type: object + properties: + instanceId: + description: The SLO instance identifier + example: 8853df00-ae2e-11ed-90af-09bb6422b258 + type: string + sloId: + description: The SLO unique identifier + example: 8853df00-ae2e-11ed-90af-09bb6422b258 + type: string + required: + - sloId + - instanceId + type: array + required: + - list + title: Delete SLO instances request + type: object + SLOs_error_budget: + title: Error budget + type: object + properties: + consumed: + description: The error budget consummed, as a percentage of the initial value. + example: 0.8 + type: number + initial: + description: The initial error budget, as 1 - objective + example: 0.02 + type: number + isEstimated: + description: >- + Only for SLO defined with occurrences budgeting method and calendar + aligned time window. + example: true + type: boolean + remaining: + description: The error budget remaining, as a percentage of the initial value. + example: 0.2 + type: number + required: + - initial + - consumed + - remaining + - isEstimated + SLOs_filter: + description: Defines properties for a filter + properties: + meta: + $ref: '#/components/schemas/SLOs_filter_meta' + query: + type: object + title: Filter + type: object + SLOs_filter_meta: + description: Defines properties for a filter + properties: + alias: + nullable: true + type: string + controlledBy: + type: string + disabled: + type: boolean + field: + type: string + group: + type: string + index: + type: string + isMultiIndex: + type: boolean + key: + type: string + negate: + type: boolean + params: + type: object + type: + type: string + value: + type: string + title: FilterMeta + type: object + SLOs_find_slo_response: + description: | + A paginated response of SLOs matching the query. + properties: + page: + example: 1 + type: number + perPage: + example: 25 + type: number + results: + items: + $ref: '#/components/schemas/SLOs_slo_with_summary_response' + type: array + total: + example: 34 + type: number + title: Find SLO response + type: object + SLOs_indicator_properties_apm_availability: + description: Defines properties for the APM availability indicator type + type: object + properties: + params: + description: An object containing the indicator parameters. + nullable: false + type: object + properties: + environment: + description: The APM service environment or "*" + example: production + type: string + filter: + description: KQL query used for filtering the data + example: 'service.foo : "bar"' + type: string + index: + description: The index used by APM metrics + example: metrics-apm*,apm* + type: string + service: + description: The APM service name + example: o11y-app + type: string + transactionName: + description: The APM transaction name or "*" + example: GET /my/api + type: string + transactionType: + description: The APM transaction type or "*" + example: request + type: string + required: + - service + - environment + - transactionType + - transactionName + - index + type: + description: The type of indicator. + example: sli.apm.transactionDuration + type: string + required: + - type + - params + title: APM availability + SLOs_indicator_properties_apm_latency: + description: Defines properties for the APM latency indicator type + type: object + properties: + params: + description: An object containing the indicator parameters. + nullable: false + type: object + properties: + environment: + description: The APM service environment or "*" + example: production + type: string + filter: + description: KQL query used for filtering the data + example: 'service.foo : "bar"' + type: string + index: + description: The index used by APM metrics + example: metrics-apm*,apm* + type: string + service: + description: The APM service name + example: o11y-app + type: string + threshold: + description: The latency threshold in milliseconds + example: 250 + type: number + transactionName: + description: The APM transaction name or "*" + example: GET /my/api + type: string + transactionType: + description: The APM transaction type or "*" + example: request + type: string + required: + - service + - environment + - transactionType + - transactionName + - index + - threshold + type: + description: The type of indicator. + example: sli.apm.transactionDuration + type: string + required: + - type + - params + title: APM latency + SLOs_indicator_properties_custom_kql: + description: Defines properties for a custom query indicator type + type: object + properties: + params: + description: An object containing the indicator parameters. + nullable: false + type: object + properties: + dataViewId: + description: >- + The kibana data view id to use, primarily used to include data + view runtime mappings. Make sure to save SLO again if you + add/update run time fields to the data view and if those fields + are being used in slo queries. + example: 03b80ab3-003d-498b-881c-3beedbaf1162 + type: string + filter: + $ref: '#/components/schemas/SLOs_kql_with_filters' + good: + $ref: '#/components/schemas/SLOs_kql_with_filters_good' + index: + description: The index or index pattern to use + example: my-service-* + type: string + timestampField: + description: | + The timestamp field used in the source indice. + example: timestamp + type: string + total: + $ref: '#/components/schemas/SLOs_kql_with_filters_total' + required: + - index + - timestampField + - good + - total + type: + description: The type of indicator. + example: sli.kql.custom + type: string + required: + - type + - params + title: Custom Query + SLOs_indicator_properties_custom_metric: + description: Defines properties for a custom metric indicator type + type: object + properties: + params: + description: An object containing the indicator parameters. + nullable: false + type: object + properties: + dataViewId: + description: >- + The kibana data view id to use, primarily used to include data + view runtime mappings. Make sure to save SLO again if you + add/update run time fields to the data view and if those fields + are being used in slo queries. + example: 03b80ab3-003d-498b-881c-3beedbaf1162 + type: string + filter: + description: the KQL query to filter the documents with. + example: 'field.environment : "production" and service.name : "my-service"' + type: string + good: + description: | + An object defining the "good" metrics and equation + type: object + properties: + equation: + description: The equation to calculate the "good" metric. + example: A + type: string + metrics: + description: >- + List of metrics with their name, aggregation type, and + field. + items: + type: object + properties: + aggregation: + description: >- + The aggregation type of the metric. Only valid option + is "sum" + enum: + - sum + example: sum + type: string + field: + description: The field of the metric. + example: processor.processed + type: string + filter: + description: The filter to apply to the metric. + example: 'processor.outcome: "success"' + type: string + name: + description: The name of the metric. Only valid options are A-Z + example: A + pattern: ^[A-Z]$ + type: string + required: + - name + - aggregation + - field + type: array + required: + - metrics + - equation + index: + description: The index or index pattern to use + example: my-service-* + type: string + timestampField: + description: | + The timestamp field used in the source indice. + example: timestamp + type: string + total: + description: | + An object defining the "total" metrics and equation + type: object + properties: + equation: + description: The equation to calculate the "total" metric. + example: A + type: string + metrics: + description: >- + List of metrics with their name, aggregation type, and + field. + items: + type: object + properties: + aggregation: + description: >- + The aggregation type of the metric. Only valid option + is "sum" + enum: + - sum + example: sum + type: string + field: + description: The field of the metric. + example: processor.processed + type: string + filter: + description: The filter to apply to the metric. + example: 'processor.outcome: *' + type: string + name: + description: The name of the metric. Only valid options are A-Z + example: A + pattern: ^[A-Z]$ + type: string + required: + - name + - aggregation + - field + type: array + required: + - metrics + - equation + required: + - index + - timestampField + - good + - total + type: + description: The type of indicator. + example: sli.metric.custom + type: string + required: + - type + - params + title: Custom metric + SLOs_indicator_properties_histogram: + description: Defines properties for a histogram indicator type + type: object + properties: + params: + description: An object containing the indicator parameters. + nullable: false + type: object + properties: + dataViewId: + description: >- + The kibana data view id to use, primarily used to include data + view runtime mappings. Make sure to save SLO again if you + add/update run time fields to the data view and if those fields + are being used in slo queries. + example: 03b80ab3-003d-498b-881c-3beedbaf1162 + type: string + filter: + description: the KQL query to filter the documents with. + example: 'field.environment : "production" and service.name : "my-service"' + type: string + good: + description: | + An object defining the "good" events + type: object + properties: + aggregation: + description: The type of aggregation to use. + enum: + - value_count + - range + example: value_count + type: string + field: + description: The field use to aggregate the good events. + example: processor.latency + type: string + filter: + description: The filter for good events. + example: 'processor.outcome: "success"' + type: string + from: + description: >- + The starting value of the range. Only required for "range" + aggregations. + example: 0 + type: number + to: + description: >- + The ending value of the range. Only required for "range" + aggregations. + example: 100 + type: number + required: + - aggregation + - field + index: + description: The index or index pattern to use + example: my-service-* + type: string + timestampField: + description: | + The timestamp field used in the source indice. + example: timestamp + type: string + total: + description: | + An object defining the "total" events + type: object + properties: + aggregation: + description: The type of aggregation to use. + enum: + - value_count + - range + example: value_count + type: string + field: + description: The field use to aggregate the good events. + example: processor.latency + type: string + filter: + description: The filter for total events. + example: 'processor.outcome : *' + type: string + from: + description: >- + The starting value of the range. Only required for "range" + aggregations. + example: 0 + type: number + to: + description: >- + The ending value of the range. Only required for "range" + aggregations. + example: 100 + type: number + required: + - aggregation + - field + required: + - index + - timestampField + - good + - total + type: + description: The type of indicator. + example: sli.histogram.custom + type: string + required: + - type + - params + title: Histogram indicator + SLOs_indicator_properties_timeslice_metric: + description: Defines properties for a timeslice metric indicator type + type: object + properties: + params: + description: An object containing the indicator parameters. + nullable: false + type: object + properties: + dataViewId: + description: >- + The kibana data view id to use, primarily used to include data + view runtime mappings. Make sure to save SLO again if you + add/update run time fields to the data view and if those fields + are being used in slo queries. + example: 03b80ab3-003d-498b-881c-3beedbaf1162 + type: string + filter: + description: the KQL query to filter the documents with. + example: 'field.environment : "production" and service.name : "my-service"' + type: string + index: + description: The index or index pattern to use + example: my-service-* + type: string + metric: + description: > + An object defining the metrics, equation, and threshold to + determine if it's a good slice or not + type: object + properties: + comparator: + description: >- + The comparator to use to compare the equation to the + threshold. + enum: + - GT + - GTE + - LT + - LTE + example: GT + type: string + equation: + description: The equation to calculate the metric. + example: A + type: string + metrics: + description: >- + List of metrics with their name, aggregation type, and + field. + items: + anyOf: + - $ref: >- + #/components/schemas/SLOs_timeslice_metric_basic_metric_with_field + - $ref: >- + #/components/schemas/SLOs_timeslice_metric_percentile_metric + - $ref: >- + #/components/schemas/SLOs_timeslice_metric_doc_count_metric + type: array + threshold: + description: >- + The threshold used to determine if the metric is a good + slice or not. + example: 100 + type: number + required: + - metrics + - equation + - comparator + - threshold + timestampField: + description: | + The timestamp field used in the source indice. + example: timestamp + type: string + required: + - index + - timestampField + - metric + type: + description: The type of indicator. + example: sli.metric.timeslice + type: string + required: + - type + - params + title: Timeslice metric + SLOs_kql_with_filters: + description: Defines properties for a filter + oneOf: + - description: the KQL query to filter the documents with. + example: 'field.environment : "production" and service.name : "my-service"' + type: string + - type: object + properties: + filters: + items: + $ref: '#/components/schemas/SLOs_filter' + type: array + kqlQuery: + type: string + title: KQL with filters + SLOs_kql_with_filters_good: + description: The KQL query used to define the good events. + oneOf: + - description: the KQL query to filter the documents with. + example: 'request.latency <= 150 and request.status_code : "2xx"' + type: string + - type: object + properties: + filters: + items: + $ref: '#/components/schemas/SLOs_filter' + type: array + kqlQuery: + type: string + title: KQL query for good events + SLOs_kql_with_filters_total: + description: The KQL query used to define all events. + oneOf: + - description: the KQL query to filter the documents with. + example: 'field.environment : "production" and service.name : "my-service"' + type: string + - type: object + properties: + filters: + items: + $ref: '#/components/schemas/SLOs_filter' + type: array + kqlQuery: + type: string + title: KQL query for all events + SLOs_objective: + description: Defines properties for the SLO objective + type: object + properties: + target: + description: the target objective between 0 and 1 excluded + example: 0.99 + exclusiveMaximum: true + exclusiveMinimum: true + maximum: 100 + minimum: 0 + type: number + timesliceTarget: + description: >- + the target objective for each slice when using a timeslices + budgeting method + example: 0.995 + maximum: 100 + minimum: 0 + type: number + timesliceWindow: + description: >- + the duration of each slice when using a timeslices budgeting method, + as {duraton}{unit} + example: 5m + type: string + required: + - target + title: Objective + SLOs_settings: + description: Defines properties for SLO settings. + properties: + frequency: + default: 1m + description: Configure how often the transform runs, default 1m + example: 5m + type: string + preventInitialBackfill: + default: false + description: Prevents the transform from backfilling data when it starts. + example: true + type: boolean + syncDelay: + default: 1m + description: The synch delay to apply to the transform. Default 1m + example: 5m + type: string + title: Settings + type: object + SLOs_slo_definition_response: + title: SLO definition response + type: object + properties: + budgetingMethod: + $ref: '#/components/schemas/SLOs_budgeting_method' + createdAt: + description: The creation date + example: '2023-01-12T10:03:19.000Z' + type: string + description: + description: The description of the SLO. + example: My SLO description + type: string + enabled: + description: Indicate if the SLO is enabled + example: true + type: boolean + groupBy: + description: optional group by field to use to generate an SLO per distinct value + example: some.field + type: string + id: + description: The identifier of the SLO. + example: 8853df00-ae2e-11ed-90af-09bb6422b258 + type: string + indicator: + discriminator: + mapping: + sli.apm.transactionDuration: '#/components/schemas/SLOs_indicator_properties_apm_latency' + sli.apm.transactionErrorRate: '#/components/schemas/SLOs_indicator_properties_apm_availability' + sli.histogram.custom: '#/components/schemas/SLOs_indicator_properties_histogram' + sli.kql.custom: '#/components/schemas/SLOs_indicator_properties_custom_kql' + sli.metric.custom: '#/components/schemas/SLOs_indicator_properties_custom_metric' + sli.metric.timeslice: '#/components/schemas/SLOs_indicator_properties_timeslice_metric' + propertyName: type + oneOf: + - $ref: '#/components/schemas/SLOs_indicator_properties_custom_kql' + - $ref: '#/components/schemas/SLOs_indicator_properties_apm_availability' + - $ref: '#/components/schemas/SLOs_indicator_properties_apm_latency' + - $ref: '#/components/schemas/SLOs_indicator_properties_custom_metric' + - $ref: '#/components/schemas/SLOs_indicator_properties_histogram' + - $ref: '#/components/schemas/SLOs_indicator_properties_timeslice_metric' + name: + description: The name of the SLO. + example: My Service SLO + type: string + objective: + $ref: '#/components/schemas/SLOs_objective' + revision: + description: The SLO revision + example: 2 + type: number + settings: + $ref: '#/components/schemas/SLOs_settings' + tags: + description: List of tags + items: + type: string + type: array + timeWindow: + $ref: '#/components/schemas/SLOs_time_window' + updatedAt: + description: The last update date + example: '2023-01-12T10:03:19.000Z' + type: string + version: + description: The internal SLO version + example: 2 + type: number + required: + - id + - name + - description + - indicator + - timeWindow + - budgetingMethod + - objective + - settings + - revision + - enabled + - groupBy + - tags + - createdAt + - updatedAt + - version + SLOs_slo_with_summary_response: + title: SLO response + type: object + properties: + budgetingMethod: + $ref: '#/components/schemas/SLOs_budgeting_method' + createdAt: + description: The creation date + example: '2023-01-12T10:03:19.000Z' + type: string + description: + description: The description of the SLO. + example: My SLO description + type: string + enabled: + description: Indicate if the SLO is enabled + example: true + type: boolean + groupBy: + description: optional group by field to use to generate an SLO per distinct value + example: some.field + type: string + id: + description: The identifier of the SLO. + example: 8853df00-ae2e-11ed-90af-09bb6422b258 + type: string + indicator: + discriminator: + mapping: + sli.apm.transactionDuration: '#/components/schemas/SLOs_indicator_properties_apm_latency' + sli.apm.transactionErrorRate: '#/components/schemas/SLOs_indicator_properties_apm_availability' + sli.histogram.custom: '#/components/schemas/SLOs_indicator_properties_histogram' + sli.kql.custom: '#/components/schemas/SLOs_indicator_properties_custom_kql' + sli.metric.custom: '#/components/schemas/SLOs_indicator_properties_custom_metric' + sli.metric.timeslice: '#/components/schemas/SLOs_indicator_properties_timeslice_metric' + propertyName: type + oneOf: + - $ref: '#/components/schemas/SLOs_indicator_properties_custom_kql' + - $ref: '#/components/schemas/SLOs_indicator_properties_apm_availability' + - $ref: '#/components/schemas/SLOs_indicator_properties_apm_latency' + - $ref: '#/components/schemas/SLOs_indicator_properties_custom_metric' + - $ref: '#/components/schemas/SLOs_indicator_properties_histogram' + - $ref: '#/components/schemas/SLOs_indicator_properties_timeslice_metric' + instanceId: + description: the value derived from the groupBy field, if present, otherwise '*' + example: host-abcde + type: string + name: + description: The name of the SLO. + example: My Service SLO + type: string + objective: + $ref: '#/components/schemas/SLOs_objective' + revision: + description: The SLO revision + example: 2 + type: number + settings: + $ref: '#/components/schemas/SLOs_settings' + summary: + $ref: '#/components/schemas/SLOs_summary' + tags: + description: List of tags + items: + type: string + type: array + timeWindow: + $ref: '#/components/schemas/SLOs_time_window' + updatedAt: + description: The last update date + example: '2023-01-12T10:03:19.000Z' + type: string + version: + description: The internal SLO version + example: 2 + type: number + required: + - id + - name + - description + - indicator + - timeWindow + - budgetingMethod + - objective + - settings + - revision + - summary + - enabled + - groupBy + - instanceId + - tags + - createdAt + - updatedAt + - version + SLOs_summary: + description: The SLO computed data + properties: + errorBudget: + $ref: '#/components/schemas/SLOs_error_budget' + sliValue: + example: 0.9836 + type: number + status: + $ref: '#/components/schemas/SLOs_summary_status' + required: + - status + - sliValue + - errorBudget + title: Summary + type: object + SLOs_summary_status: + enum: + - NO_DATA + - HEALTHY + - DEGRADING + - VIOLATED + example: HEALTHY + title: summary status + type: string + SLOs_time_window: + description: Defines properties for the SLO time window + type: object + properties: + duration: + description: >- + the duration formatted as {duration}{unit}. Accepted values for + rolling: 7d, 30d, 90d. Accepted values for calendar aligned: 1w + (weekly) or 1M (monthly) + example: 30d + type: string + type: + description: >- + Indicates weither the time window is a rolling or a calendar aligned + time window. + enum: + - rolling + - calendarAligned + example: rolling + type: string + required: + - duration + - type + title: Time window + SLOs_timeslice_metric_basic_metric_with_field: + type: object + properties: + aggregation: + description: The aggregation type of the metric. + enum: + - sum + - avg + - min + - max + - std_deviation + - last_value + - cardinality + example: sum + type: string + field: + description: The field of the metric. + example: processor.processed + type: string + filter: + description: The filter to apply to the metric. + example: 'processor.outcome: "success"' + type: string + name: + description: The name of the metric. Only valid options are A-Z + example: A + pattern: ^[A-Z]$ + type: string + required: + - name + - aggregation + - field + title: Timeslice Metric Basic Metric with Field + SLOs_timeslice_metric_doc_count_metric: + type: object + properties: + aggregation: + description: The aggregation type of the metric. Only valid option is "doc_count" + enum: + - doc_count + example: doc_count + type: string + filter: + description: The filter to apply to the metric. + example: 'processor.outcome: "success"' + type: string + name: + description: The name of the metric. Only valid options are A-Z + example: A + pattern: ^[A-Z]$ + type: string + required: + - name + - aggregation + title: Timeslice Metric Doc Count Metric + SLOs_timeslice_metric_percentile_metric: + type: object + properties: + aggregation: + description: >- + The aggregation type of the metric. Only valid option is + "percentile" + enum: + - percentile + example: percentile + type: string + field: + description: The field of the metric. + example: processor.processed + type: string + filter: + description: The filter to apply to the metric. + example: 'processor.outcome: "success"' + type: string + name: + description: The name of the metric. Only valid options are A-Z + example: A + pattern: ^[A-Z]$ + type: string + percentile: + description: The percentile value. + example: 95 + type: number + required: + - name + - aggregation + - field + - percentile + title: Timeslice Metric Percentile Metric + SLOs_update_slo_request: + description: > + The update SLO API request body varies depending on the type of + indicator, time window and budgeting method. Partial update is handled. + properties: + budgetingMethod: + $ref: '#/components/schemas/SLOs_budgeting_method' + description: + description: A description for the SLO. + type: string + indicator: + oneOf: + - $ref: '#/components/schemas/SLOs_indicator_properties_custom_kql' + - $ref: '#/components/schemas/SLOs_indicator_properties_apm_availability' + - $ref: '#/components/schemas/SLOs_indicator_properties_apm_latency' + - $ref: '#/components/schemas/SLOs_indicator_properties_custom_metric' + - $ref: '#/components/schemas/SLOs_indicator_properties_histogram' + - $ref: '#/components/schemas/SLOs_indicator_properties_timeslice_metric' + name: + description: A name for the SLO. + type: string + objective: + $ref: '#/components/schemas/SLOs_objective' + settings: + $ref: '#/components/schemas/SLOs_settings' + tags: + description: List of tags + items: + type: string + type: array + timeWindow: + $ref: '#/components/schemas/SLOs_time_window' + title: Update SLO request + type: object + securitySchemes: + apiKeyAuth: + description: > + These APIs use key-based authentication. You must create an API key and + use the encoded value in the request header. For example: + `Authorization: ApiKey base64AccessApiKey` + in: header + name: Authorization + type: apiKey + basicAuth: + scheme: basic + type: http +security: + - apiKeyAuth: [] + - basicAuth: [] +tags: + - name: alerting + - description: > + Configure APM agent keys to authorize requests from APM agents to the APM + Server. + name: APM agent keys + - description: > + Annotate visualizations in the APM app with significant events. + Annotations enable you to easily see how events are impacting the + performance of your applications. + name: APM annotations + - description: Case APIs enable you to open and track issues. + name: cases + - name: connectors + - name: Data streams + - description: >- + Data view APIs enable you to manage data views, formerly known as Kibana + index patterns. + name: data views + - name: Elastic Agent actions + - name: Elastic Agent binary download sources + - name: Elastic Agent policies + - name: Elastic Agent status + - name: Elastic Agents + - name: Elastic Package Manager (EPM) + - name: Fleet enrollment API keys + - name: Fleet internals + - name: Fleet Kubernetes + - name: Fleet outputs + - name: Fleet package policies + - name: Fleet proxies + - name: Fleet Server hosts + - name: Fleet service tokens + - name: Fleet uninstall tokens + - description: Machine learning + name: ml + - description: > + Export sets of saved objects that you want to import into {kib}, resolve + import errors, and rotate an encryption key for encrypted saved objects + with the saved objects APIs. + + + To manage a specific type of saved object, use the corresponding APIs. + + For example, use: + + + * [Data views](../group/endpoint-data-views) + + * [Spaces](https://www.elastic.co/guide/en/kibana/current/spaces-api.html) + + * [Short + URLs](https://www.elastic.co/guide/en/kibana/current/short-urls-api.html) + + + Warning: Do not write documents directly to the `.kibana` index. When you + write directly to the `.kibana` index, the data becomes corrupted and + permanently breaks future Kibana versions. + name: saved objects + x-displayName: Saved objects + - description: Manage and interact with Security Assistant resources. + name: Security AI Assistant API + - description: >- + You can create rules that automatically turn events and external alerts + sent to Elastic Security into detection alerts. These alerts are displayed + on the Detections page. + name: Security Solution Detections API + - description: >- + Endpoint Exceptions API allows you to manage detection rule endpoint + exceptions to prevent a rule from generating an alert from incoming events + even when the rule's other criteria are met. + name: Security Solution Endpoint Exceptions API + - description: Interact with and manage endpoints running the Elastic Defend integration. + name: Security Solution Endpoint Management API + - description: '' + name: Security Solution Entity Analytics API + - description: >- + Exceptions API allows you to manage detection rule exceptions to prevent a + rule from generating an alert from incoming events even when the rule's + other criteria are met. + name: Security Solution Exceptions API + - description: Lists API allows you to manage lists of keywords, IPs or IP ranges items. + name: Security Solution Lists API + - description: Run live queries, manage packs and saved queries. + name: Security Solution Osquery API + - description: >- + You can create Timelines and Timeline templates via the API, as well as + import new Timelines from an ndjson file. + name: Security Solution Timeline API + - description: SLO APIs enable you to define, manage and track service-level objectives + name: slo + - name: system diff --git a/oas_docs/output/kibana.yaml b/oas_docs/output/kibana.yaml index e4e718c3f73c9..2f7ae5fd8b18b 100644 --- a/oas_docs/output/kibana.yaml +++ b/oas_docs/output/kibana.yaml @@ -64,16 +64,16 @@ info: version: 1.0.2 x-doc-license: name: Attribution-NonCommercial-NoDerivatives 4.0 International - url: 'https://creativecommons.org/licenses/by-nc-nd/4.0/' + url: https://creativecommons.org/licenses/by-nc-nd/4.0/ x-feedbackLink: label: Feedback url: >- https://github.com/elastic/docs-content/issues/new?assignees=&labels=feedback%2Ccommunity&projects=&template=api-feedback.yaml&title=%5BFeedback%5D%3A+ servers: - - url: 'https://{kibana_url}' + - url: https://{kibana_url} variables: kibana_url: - default: 'localhost:5601' + default: localhost:5601 paths: /api/actions: get: @@ -138,11 +138,53 @@ paths: - actionTypeId responses: '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + type: object + properties: + config: + additionalProperties: {} + type: object + connector_type_id: + description: The connector type identifier. + type: string + id: + description: The identifier for the connector. + type: string + is_deprecated: + description: Indicates whether the connector is deprecated. + type: boolean + is_missing_secrets: + description: Indicates whether the connector is missing secrets. + type: boolean + is_preconfigured: + description: >- + Indicates whether the connector is preconfigured. If true, + the `config` and `is_missing_secrets` properties are + omitted from the response. + type: boolean + is_system_action: + description: >- + Indicates whether the connector is used for system + actions. + type: boolean + name: + description: ' The name of the rule.' + type: string + required: + - id + - name + - connector_type_id + - is_preconfigured + - is_deprecated + - is_system_action description: Indicates a successful call. summary: Create a connector tags: - connectors - '/api/actions/action/{id}': + /api/actions/action/{id}: delete: deprecated: true description: 'WARNING: When you delete a connector, it cannot be recovered.' @@ -195,6 +237,48 @@ paths: type: string responses: '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + type: object + properties: + config: + additionalProperties: {} + type: object + connector_type_id: + description: The connector type identifier. + type: string + id: + description: The identifier for the connector. + type: string + is_deprecated: + description: Indicates whether the connector is deprecated. + type: boolean + is_missing_secrets: + description: Indicates whether the connector is missing secrets. + type: boolean + is_preconfigured: + description: >- + Indicates whether the connector is preconfigured. If true, + the `config` and `is_missing_secrets` properties are + omitted from the response. + type: boolean + is_system_action: + description: >- + Indicates whether the connector is used for system + actions. + type: boolean + name: + description: ' The name of the rule.' + type: string + required: + - id + - name + - connector_type_id + - is_preconfigured + - is_deprecated + - is_system_action description: Indicates a successful call. summary: Get connector information tags: @@ -245,11 +329,53 @@ paths: - name responses: '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + type: object + properties: + config: + additionalProperties: {} + type: object + connector_type_id: + description: The connector type identifier. + type: string + id: + description: The identifier for the connector. + type: string + is_deprecated: + description: Indicates whether the connector is deprecated. + type: boolean + is_missing_secrets: + description: Indicates whether the connector is missing secrets. + type: boolean + is_preconfigured: + description: >- + Indicates whether the connector is preconfigured. If true, + the `config` and `is_missing_secrets` properties are + omitted from the response. + type: boolean + is_system_action: + description: >- + Indicates whether the connector is used for system + actions. + type: boolean + name: + description: ' The name of the rule.' + type: string + required: + - id + - name + - connector_type_id + - is_preconfigured + - is_deprecated + - is_system_action description: Indicates a successful call. summary: Update a connector tags: - connectors - '/api/actions/action/{id}/_execute': + /api/actions/action/{id}/_execute: post: deprecated: true operationId: '%2Fapi%2Factions%2Faction%2F%7Bid%7D%2F_execute#0' @@ -289,6 +415,48 @@ paths: - params responses: '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + type: object + properties: + config: + additionalProperties: {} + type: object + connector_type_id: + description: The connector type identifier. + type: string + id: + description: The identifier for the connector. + type: string + is_deprecated: + description: Indicates whether the connector is deprecated. + type: boolean + is_missing_secrets: + description: Indicates whether the connector is missing secrets. + type: boolean + is_preconfigured: + description: >- + Indicates whether the connector is preconfigured. If true, + the `config` and `is_missing_secrets` properties are + omitted from the response. + type: boolean + is_system_action: + description: >- + Indicates whether the connector is used for system + actions. + type: boolean + name: + description: ' The name of the rule.' + type: string + required: + - id + - name + - connector_type_id + - is_preconfigured + - is_deprecated + - is_system_action description: Indicates a successful call. summary: Run a connector tags: @@ -318,7 +486,7 @@ paths: summary: Get connector types tags: - connectors - '/api/actions/connector/{id}': + /api/actions/connector/{id}: delete: description: 'WARNING: When you delete a connector, it cannot be recovered.' operationId: '%2Fapi%2Factions%2Fconnector%2F%7Bid%7D#0' @@ -369,6 +537,48 @@ paths: type: string responses: '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + type: object + properties: + config: + additionalProperties: {} + type: object + connector_type_id: + description: The connector type identifier. + type: string + id: + description: The identifier for the connector. + type: string + is_deprecated: + description: Indicates whether the connector is deprecated. + type: boolean + is_missing_secrets: + description: Indicates whether the connector is missing secrets. + type: boolean + is_preconfigured: + description: >- + Indicates whether the connector is preconfigured. If true, + the `config` and `is_missing_secrets` properties are + omitted from the response. + type: boolean + is_system_action: + description: >- + Indicates whether the connector is used for system + actions. + type: boolean + name: + description: ' The name of the rule.' + type: string + required: + - id + - name + - connector_type_id + - is_preconfigured + - is_deprecated + - is_system_action description: Indicates a successful call. summary: Get connector information tags: @@ -391,7 +601,8 @@ paths: schema: example: 'true' type: string - - in: path + - description: An identifier for the connector. + in: path name: id required: false schema: @@ -422,6 +633,48 @@ paths: - connector_type_id responses: '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + type: object + properties: + config: + additionalProperties: {} + type: object + connector_type_id: + description: The connector type identifier. + type: string + id: + description: The identifier for the connector. + type: string + is_deprecated: + description: Indicates whether the connector is deprecated. + type: boolean + is_missing_secrets: + description: Indicates whether the connector is missing secrets. + type: boolean + is_preconfigured: + description: >- + Indicates whether the connector is preconfigured. If true, + the `config` and `is_missing_secrets` properties are + omitted from the response. + type: boolean + is_system_action: + description: >- + Indicates whether the connector is used for system + actions. + type: boolean + name: + description: ' The name of the rule.' + type: string + required: + - id + - name + - connector_type_id + - is_preconfigured + - is_deprecated + - is_system_action description: Indicates a successful call. summary: Create a connector tags: @@ -472,11 +725,53 @@ paths: - name responses: '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + type: object + properties: + config: + additionalProperties: {} + type: object + connector_type_id: + description: The connector type identifier. + type: string + id: + description: The identifier for the connector. + type: string + is_deprecated: + description: Indicates whether the connector is deprecated. + type: boolean + is_missing_secrets: + description: Indicates whether the connector is missing secrets. + type: boolean + is_preconfigured: + description: >- + Indicates whether the connector is preconfigured. If true, + the `config` and `is_missing_secrets` properties are + omitted from the response. + type: boolean + is_system_action: + description: >- + Indicates whether the connector is used for system + actions. + type: boolean + name: + description: ' The name of the rule.' + type: string + required: + - id + - name + - connector_type_id + - is_preconfigured + - is_deprecated + - is_system_action description: Indicates a successful call. summary: Update a connector tags: - connectors - '/api/actions/connector/{id}/_execute': + /api/actions/connector/{id}/_execute: post: description: >- You can use this API to test an action that involves interaction with @@ -518,6 +813,48 @@ paths: - params responses: '200': + content: + application/json; Elastic-Api-Version=2023-10-31: + schema: + additionalProperties: false + type: object + properties: + config: + additionalProperties: {} + type: object + connector_type_id: + description: The connector type identifier. + type: string + id: + description: The identifier for the connector. + type: string + is_deprecated: + description: Indicates whether the connector is deprecated. + type: boolean + is_missing_secrets: + description: Indicates whether the connector is missing secrets. + type: boolean + is_preconfigured: + description: >- + Indicates whether the connector is preconfigured. If true, + the `config` and `is_missing_secrets` properties are + omitted from the response. + type: boolean + is_system_action: + description: >- + Indicates whether the connector is used for system + actions. + type: boolean + name: + description: ' The name of the rule.' + type: string + required: + - id + - name + - connector_type_id + - is_preconfigured + - is_deprecated + - is_system_action description: Indicates a successful call. summary: Run a connector tags: @@ -631,7 +968,7 @@ paths: example: true type: boolean is_sufficiently_secure: - description: 'If `false`, security is enabled but TLS is not.' + description: If `false`, security is enabled but TLS is not. example: true type: boolean description: Indicates a successful call. @@ -943,7 +1280,7 @@ paths: summary: Get the rule types tags: - alerting - '/api/alerting/rule/{id}': + /api/alerting/rule/{id}: delete: operationId: '%2Fapi%2Falerting%2Frule%2F%7Bid%7D#2' parameters: @@ -971,6 +1308,12 @@ paths: responses: '204': description: Indicates a successful call. + '400': + description: Indicates an invalid schema or parameters. + '403': + description: Indicates that this call is forbidden. + '404': + description: Indicates a rule with the given ID does not exist. summary: Delete a rule tags: - alerting @@ -1725,7 +2068,7 @@ paths: description: Recur the rule until this date. type: string wkst: - description: 'Indicates the start of week, defaults to Monday.' + description: Indicates the start of week, defaults to Monday. enum: - MO - TU @@ -1797,6 +2140,12 @@ paths: - execution_status - revision description: Indicates a successful call. + '400': + description: Indicates an invalid schema or parameters. + '403': + description: Indicates that this call is forbidden. + '404': + description: Indicates a rule with the given ID does not exist. summary: Get rule details tags: - alerting @@ -2860,7 +3209,7 @@ paths: description: Recur the rule until this date. type: string wkst: - description: 'Indicates the start of week, defaults to Monday.' + description: Indicates the start of week, defaults to Monday. enum: - MO - TU @@ -2932,6 +3281,12 @@ paths: - execution_status - revision description: Indicates a successful call. + '400': + description: Indicates an invalid schema or parameters. + '403': + description: Indicates that this call is forbidden. + '409': + description: Indicates that the rule id is already in use. summary: Create a rule tags: - alerting @@ -3966,7 +4321,7 @@ paths: description: Recur the rule until this date. type: string wkst: - description: 'Indicates the start of week, defaults to Monday.' + description: Indicates the start of week, defaults to Monday. enum: - MO - TU @@ -4038,10 +4393,18 @@ paths: - execution_status - revision description: Indicates a successful call. + '400': + description: Indicates an invalid schema or parameters. + '403': + description: Indicates that this call is forbidden. + '404': + description: Indicates a rule with the given ID does not exist. + '409': + description: Indicates that the rule has already been updated by another user. summary: Update a rule tags: - alerting - '/api/alerting/rule/{id}/_disable': + /api/alerting/rule/{id}/_disable: post: operationId: '%2Fapi%2Falerting%2Frule%2F%7Bid%7D%2F_disable#0' parameters: @@ -4081,10 +4444,16 @@ paths: responses: '204': description: Indicates a successful call. + '400': + description: Indicates an invalid schema. + '403': + description: Indicates that this call is forbidden. + '404': + description: Indicates a rule with the given ID does not exist. summary: Disable a rule tags: - alerting - '/api/alerting/rule/{id}/_enable': + /api/alerting/rule/{id}/_enable: post: operationId: '%2Fapi%2Falerting%2Frule%2F%7Bid%7D%2F_enable#0' parameters: @@ -4112,10 +4481,16 @@ paths: responses: '204': description: Indicates a successful call. + '400': + description: Indicates an invalid schema or parameters. + '403': + description: Indicates that this call is forbidden. + '404': + description: Indicates a rule with the given ID does not exist. summary: Enable a rule tags: - alerting - '/api/alerting/rule/{id}/_mute_all': + /api/alerting/rule/{id}/_mute_all: post: operationId: '%2Fapi%2Falerting%2Frule%2F%7Bid%7D%2F_mute_all#0' parameters: @@ -4146,7 +4521,7 @@ paths: summary: Mute all alerts tags: - alerting - '/api/alerting/rule/{id}/_unmute_all': + /api/alerting/rule/{id}/_unmute_all: post: operationId: '%2Fapi%2Falerting%2Frule%2F%7Bid%7D%2F_unmute_all#0' parameters: @@ -4177,7 +4552,7 @@ paths: summary: Unmute all alerts tags: - alerting - '/api/alerting/rule/{id}/_update_api_key': + /api/alerting/rule/{id}/_update_api_key: post: operationId: '%2Fapi%2Falerting%2Frule%2F%7Bid%7D%2F_update_api_key#0' parameters: @@ -4205,10 +4580,18 @@ paths: responses: '204': description: Indicates a successful call. + '400': + description: Indicates an invalid schema or parameters. + '403': + description: Indicates that this call is forbidden. + '404': + description: Indicates a rule with the given ID does not exist. + '409': + description: Indicates that the rule has already been updated by another user. summary: Update the API key for a rule tags: - alerting - '/api/alerting/rule/{rule_id}/alert/{alert_id}/_mute': + /api/alerting/rule/{rule_id}/alert/{alert_id}/_mute: post: operationId: >- %2Fapi%2Falerting%2Frule%2F%7Brule_id%7D%2Falert%2F%7Balert_id%7D%2F_mute#0 @@ -4243,10 +4626,16 @@ paths: responses: '204': description: Indicates a successful call. + '400': + description: Indicates an invalid schema or parameters. + '403': + description: Indicates that this call is forbidden. + '404': + description: Indicates a rule or alert with the given ID does not exist. summary: Mute an alert tags: - alerting - '/api/alerting/rule/{rule_id}/alert/{alert_id}/_unmute': + /api/alerting/rule/{rule_id}/alert/{alert_id}/_unmute: post: operationId: >- %2Fapi%2Falerting%2Frule%2F%7Brule_id%7D%2Falert%2F%7Balert_id%7D%2F_unmute#0 @@ -4281,6 +4670,12 @@ paths: responses: '204': description: Indicates a successful call. + '400': + description: Indicates an invalid schema or parameters. + '403': + description: Indicates that this call is forbidden. + '404': + description: Indicates a rule or alert with the given ID does not exist. summary: Unmute an alert tags: - alerting @@ -5136,7 +5531,7 @@ paths: description: Recur the rule until this date. type: string wkst: - description: 'Indicates the start of week, defaults to Monday.' + description: Indicates the start of week, defaults to Monday. enum: - MO - TU @@ -5208,10 +5603,14 @@ paths: - execution_status - revision description: Indicates a successful call. + '400': + description: Indicates an invalid schema or parameters. + '403': + description: Indicates that this call is forbidden. summary: Get information about rules tags: - alerting - '/api/alerts/alert/{alertId}': + /api/alerts/alert/{alertId}: delete: deprecated: true description: > @@ -5513,7 +5912,7 @@ paths: summary: Update an alert tags: - alerting - '/api/alerts/alert/{alertId}/_disable': + /api/alerts/alert/{alertId}/_disable: post: deprecated: true description: Deprecated in 7.13.0. Use the disable rule API instead. @@ -5539,7 +5938,7 @@ paths: summary: Disable an alert tags: - alerting - '/api/alerts/alert/{alertId}/_enable': + /api/alerts/alert/{alertId}/_enable: post: deprecated: true description: Deprecated in 7.13.0. Use the enable rule API instead. @@ -5565,7 +5964,7 @@ paths: summary: Enable an alert tags: - alerting - '/api/alerts/alert/{alertId}/_mute_all': + /api/alerts/alert/{alertId}/_mute_all: post: deprecated: true description: Deprecated in 7.13.0. Use the mute all alerts API instead. @@ -5591,7 +5990,7 @@ paths: summary: Mute all alert instances tags: - alerting - '/api/alerts/alert/{alertId}/_unmute_all': + /api/alerts/alert/{alertId}/_unmute_all: post: deprecated: true description: Deprecated in 7.13.0. Use the unmute all alerts API instead. @@ -5617,7 +6016,7 @@ paths: summary: Unmute all alert instances tags: - alerting - '/api/alerts/alert/{alertId}/alert_instance/{alertInstanceId}/_mute': + /api/alerts/alert/{alertId}/alert_instance/{alertInstanceId}/_mute: post: deprecated: true description: Deprecated in 7.13.0. Use the mute alert API instead. @@ -5650,7 +6049,7 @@ paths: summary: Mute an alert instance tags: - alerting - '/api/alerts/alert/{alertId}/alert_instance/{alertInstanceId}/_unmute': + /api/alerts/alert/{alertId}/alert_instance/{alertInstanceId}/_unmute: post: deprecated: true description: Deprecated in 7.13.0. Use the unmute alert API instead. @@ -5877,7 +6276,7 @@ paths: example: true type: boolean isSufficientlySecure: - description: 'If `false`, security is enabled but TLS is not.' + description: If `false`, security is enabled but TLS is not. example: true type: boolean description: Indicates a successful call. @@ -6022,8 +6421,8 @@ paths: privileges: items: enum: - - 'event:write' - - 'config_agent:read' + - event:write + - config_agent:read type: string type: array required: true @@ -6049,7 +6448,7 @@ paths: summary: Create an APM agent key tags: - APM agent keys - '/api/apm/services/{serviceName}/annotation': + /api/apm/services/{serviceName}/annotation: post: description: Create a new annotation for a specific service. operationId: createAnnotation @@ -6124,7 +6523,7 @@ paths: summary: Create a service annotation tags: - APM annotations - '/api/apm/services/{serviceName}/annotation/search': + /api/apm/services/{serviceName}/annotation/search: get: description: Search for annotations related to a specific service. operationId: getAnnotation @@ -6338,7 +6737,7 @@ paths: summary: Search cases tags: - cases - '/api/cases/{caseId}': + /api/cases/{caseId}: get: description: > You must have `read` privileges for the **Cases** feature in the @@ -6369,7 +6768,7 @@ paths: summary: Get case information tags: - cases - '/api/cases/{caseId}/alerts': + /api/cases/{caseId}/alerts: get: description: > You must have `read` privileges for the **Cases** feature in the @@ -6400,7 +6799,7 @@ paths: tags: - cases x-technical-preview: true - '/api/cases/{caseId}/comments': + /api/cases/{caseId}/comments: delete: description: > Deletes all comments and alerts from a case. You must have `all` @@ -6527,7 +6926,7 @@ paths: summary: Add a case comment or alert tags: - cases - '/api/cases/{caseId}/comments/_find': + /api/cases/{caseId}/comments/_find: get: description: > Retrieves a paginated list of comments for a case. You must have `read` @@ -6557,7 +6956,7 @@ paths: summary: Find case comments and alerts tags: - cases - '/api/cases/{caseId}/comments/{commentId}': + /api/cases/{caseId}/comments/{commentId}: delete: description: > You must have `all` privileges for the **Cases** feature in the @@ -6613,7 +7012,7 @@ paths: summary: Get a case comment or alert tags: - cases - '/api/cases/{caseId}/connector/{connectorId}/_push': + /api/cases/{caseId}/connector/{connectorId}/_push: post: description: > You must have `all` privileges for the **Actions and Connectors** @@ -6651,7 +7050,7 @@ paths: summary: Push a case to an external service tags: - cases - '/api/cases/{caseId}/user_actions': + /api/cases/{caseId}/user_actions: get: deprecated: true description: > @@ -6682,7 +7081,7 @@ paths: summary: Get case activity tags: - cases - '/api/cases/{caseId}/user_actions/_find': + /api/cases/{caseId}/user_actions/_find: get: description: > Retrives a paginated list of user activity for a case. You must have @@ -6728,7 +7127,7 @@ paths: summary: Find case activity tags: - cases - '/api/cases/alerts/{alertId}': + /api/cases/alerts/{alertId}: get: description: > You must have `read` privileges for the **Cases** feature in the @@ -7149,7 +7548,7 @@ paths: summary: Add case settings tags: - cases - '/api/cases/configure/{configurationId}': + /api/cases/configure/{configurationId}: patch: description: > Updates setting details such as the closure type, custom fields, @@ -7591,7 +7990,7 @@ paths: summary: Create a data view tags: - data views - '/api/data_views/data_view/{viewId}': + /api/data_views/data_view/{viewId}: delete: description: | WARNING: When you delete a data view, it cannot be recovered. @@ -7664,7 +8063,7 @@ paths: summary: Update a data view tags: - data views - '/api/data_views/data_view/{viewId}/fields': + /api/data_views/data_view/{viewId}/fields: post: description: > Update fields presentation metadata such as count, customLabel, @@ -7707,7 +8106,7 @@ paths: summary: Update data view fields metadata tags: - data views - '/api/data_views/data_view/{viewId}/runtime_field': + /api/data_views/data_view/{viewId}/runtime_field: post: operationId: createRuntimeFieldDefault parameters: @@ -7799,7 +8198,7 @@ paths: summary: Create or update a runtime field tags: - data views - '/api/data_views/data_view/{viewId}/runtime_field/{fieldName}': + /api/data_views/data_view/{viewId}/runtime_field/{fieldName}: delete: operationId: deleteRuntimeFieldDefault parameters: @@ -8199,7 +8598,7 @@ paths: summary: Create agent binary download source tags: - Elastic Agent binary download sources - '/api/fleet/agent_download_sources/{sourceId}': + /api/fleet/agent_download_sources/{sourceId}: delete: operationId: delete-download-source parameters: @@ -8402,7 +8801,7 @@ paths: summary: Bulk get agent policies tags: - Elastic Agent policies - '/api/fleet/agent_policies/{agentPolicyId}': + /api/fleet/agent_policies/{agentPolicyId}: get: description: Get one agent policy operationId: agent-policy-info @@ -8457,7 +8856,7 @@ paths: summary: Update agent policy by ID tags: - Elastic Agent policies - '/api/fleet/agent_policies/{agentPolicyId}/copy': + /api/fleet/agent_policies/{agentPolicyId}/copy: parameters: - in: path name: agentPolicyId @@ -8499,7 +8898,7 @@ paths: summary: Copy agent policy by ID tags: - Elastic Agent policies - '/api/fleet/agent_policies/{agentPolicyId}/download': + /api/fleet/agent_policies/{agentPolicyId}/download: get: operationId: agent-policy-download responses: @@ -8538,7 +8937,7 @@ paths: required: false schema: type: string - '/api/fleet/agent_policies/{agentPolicyId}/full': + /api/fleet/agent_policies/{agentPolicyId}/full: get: operationId: agent-policy-full responses: @@ -8821,7 +9220,7 @@ paths: summary: List agents by action ids tags: - Elastic Agents - '/api/fleet/agents/{agentId}': + /api/fleet/agents/{agentId}: delete: operationId: delete-agent parameters: @@ -8906,7 +9305,7 @@ paths: summary: Update agent by ID tags: - Elastic Agents - '/api/fleet/agents/{agentId}/actions': + /api/fleet/agents/{agentId}/actions: parameters: - in: path name: agentId @@ -8947,7 +9346,7 @@ paths: summary: Create agent action tags: - Elastic Agent actions - '/api/fleet/agents/{agentId}/reassign': + /api/fleet/agents/{agentId}/reassign: parameters: - in: path name: agentId @@ -9009,7 +9408,7 @@ paths: summary: Reassign agent tags: - Elastic Agents - '/api/fleet/agents/{agentId}/request_diagnostics': + /api/fleet/agents/{agentId}/request_diagnostics: parameters: - in: path name: agentId @@ -9048,7 +9447,7 @@ paths: summary: Request agent diagnostics tags: - Elastic Agents - '/api/fleet/agents/{agentId}/unenroll': + /api/fleet/agents/{agentId}/unenroll: parameters: - in: path name: agentId @@ -9094,7 +9493,7 @@ paths: summary: Unenroll agent tags: - Elastic Agents - '/api/fleet/agents/{agentId}/upgrade': + /api/fleet/agents/{agentId}/upgrade: parameters: - in: path name: agentId @@ -9123,7 +9522,7 @@ paths: summary: Upgrade agent tags: - Elastic Agents - '/api/fleet/agents/{agentId}/uploads': + /api/fleet/agents/{agentId}/uploads: get: operationId: list-agent-uploads responses: @@ -9267,7 +9666,7 @@ paths: summary: Get agent action status tags: - Elastic Agent actions - '/api/fleet/agents/actions/{actionId}/cancel': + /api/fleet/agents/actions/{actionId}/cancel: parameters: - in: path name: actionId @@ -9309,7 +9708,7 @@ paths: properties: agents: oneOf: - - description: 'KQL query string, leave empty to action all agents' + - description: KQL query string, leave empty to action all agents type: string - description: list of agent IDs items: @@ -9358,7 +9757,7 @@ paths: type: array agents: oneOf: - - description: 'KQL query string, leave empty to action all agents' + - description: KQL query string, leave empty to action all agents type: string - description: list of agent IDs items: @@ -9402,7 +9801,7 @@ paths: properties: agents: oneOf: - - description: 'KQL query string, leave empty to action all agents' + - description: KQL query string, leave empty to action all agents type: string - description: list of agent IDs items: @@ -9457,7 +9856,7 @@ paths: properties: agents: oneOf: - - description: 'KQL query string, leave empty to action all agents' + - description: KQL query string, leave empty to action all agents type: string - description: list of agent IDs items: @@ -9503,7 +9902,7 @@ paths: - agent1 - agent2 rollout_duration_seconds: 3600 - source_uri: 'https://artifacts.elastic.co/downloads/beats/elastic-agent' + source_uri: https://artifacts.elastic.co/downloads/beats/elastic-agent start_time: '2022-08-03T14:00:00.000Z' version: 8.4.0 schema: @@ -9524,7 +9923,7 @@ paths: summary: Bulk upgrade agents tags: - Elastic Agents - '/api/fleet/agents/files/{fileId}': + /api/fleet/agents/files/{fileId}: delete: operationId: delete-agent-upload-file responses: @@ -9553,7 +9952,7 @@ paths: required: true schema: type: string - '/api/fleet/agents/files/{fileId}/{fileName}': + /api/fleet/agents/files/{fileId}/{fileName}: get: operationId: get-agent-upload-file responses: @@ -9747,7 +10146,7 @@ paths: summary: Create enrollment API key tags: - Fleet enrollment API keys - '/api/fleet/enrollment_api_keys/{keyId}': + /api/fleet/enrollment_api_keys/{keyId}: delete: operationId: delete-enrollment-api-key parameters: @@ -9858,7 +10257,7 @@ paths: summary: Create enrollment API key tags: - Fleet enrollment API keys - '/api/fleet/enrollment-api-keys/{keyId}': + /api/fleet/enrollment-api-keys/{keyId}: delete: deprecated: true operationId: delete-enrollment-api-key-deprecated @@ -10143,7 +10542,7 @@ paths: summary: Bulk install packages tags: - Elastic Package Manager (EPM) - '/api/fleet/epm/packages/{pkgkey}': + /api/fleet/epm/packages/{pkgkey}: delete: deprecated: true operationId: delete-package-deprecated @@ -10303,7 +10702,7 @@ paths: summary: Install package tags: - Elastic Package Manager (EPM) - '/api/fleet/epm/packages/{pkgName}/{pkgVersion}': + /api/fleet/epm/packages/{pkgName}/{pkgVersion}: delete: operationId: delete-package parameters: @@ -10535,7 +10934,7 @@ paths: summary: Update package settings tags: - Elastic Package Manager (EPM) - '/api/fleet/epm/packages/{pkgName}/{pkgVersion}/{filePath}': + /api/fleet/epm/packages/{pkgName}/{pkgVersion}/{filePath}: get: operationId: packages-get-file responses: @@ -10573,7 +10972,7 @@ paths: required: true schema: type: string - '/api/fleet/epm/packages/{pkgName}/{pkgVersion}/transforms/authorize': + /api/fleet/epm/packages/{pkgName}/{pkgVersion}/transforms/authorize: post: description: '' operationId: reauthorize-transforms @@ -10639,7 +11038,7 @@ paths: summary: Authorize transforms tags: - Elastic Package Manager (EPM) - '/api/fleet/epm/packages/{pkgName}/stats': + /api/fleet/epm/packages/{pkgName}/stats: get: operationId: get-package-stats responses: @@ -10686,7 +11085,7 @@ paths: tags: - Elastic Package Manager (EPM) parameters: [] - '/api/fleet/epm/templates/{pkgName}/{pkgVersion}/inputs': + /api/fleet/epm/templates/{pkgName}/{pkgVersion}/inputs: get: operationId: get-inputs-template responses: @@ -10826,7 +11225,7 @@ paths: summary: Create Fleet Server host tags: - Fleet Server hosts - '/api/fleet/fleet_server_hosts/{itemId}': + /api/fleet/fleet_server_hosts/{itemId}: delete: operationId: delete-fleet-server-hosts parameters: @@ -11059,7 +11458,7 @@ paths: summary: Create output tags: - Fleet outputs - '/api/fleet/outputs/{outputId}': + /api/fleet/outputs/{outputId}: delete: operationId: delete-output parameters: @@ -11128,7 +11527,7 @@ paths: summary: Update output by ID tags: - Fleet outputs - '/api/fleet/outputs/{outputId}/health': + /api/fleet/outputs/{outputId}/health: get: operationId: get-output-health responses: @@ -11142,7 +11541,7 @@ paths: description: long message if unhealthy type: string state: - description: 'state of output, HEALTHY or DEGRADED' + description: state of output, HEALTHY or DEGRADED type: string timestamp: description: timestamp of reported state @@ -11264,7 +11663,7 @@ paths: summary: Bulk get package policies tags: - Fleet package policies - '/api/fleet/package_policies/{packagePolicyId}': + /api/fleet/package_policies/{packagePolicyId}: delete: operationId: delete-package-policy parameters: @@ -11536,7 +11935,7 @@ paths: summary: Create proxy tags: - Fleet proxies - '/api/fleet/proxies/{itemId}': + /api/fleet/proxies/{itemId}: delete: operationId: delete-fleet-proxies parameters: @@ -11795,7 +12194,7 @@ paths: summary: List metadata for latest uninstall tokens per agent policy tags: - Fleet uninstall tokens - '/api/fleet/uninstall_tokens/{uninstallTokenId}': + /api/fleet/uninstall_tokens/{uninstallTokenId}: get: operationId: get-uninstall-token parameters: @@ -11871,7 +12270,7 @@ paths: operationId: bulkCreateSavedObjects parameters: - $ref: '#/components/parameters/Saved_objects_kbn_xsrf' - - description: 'When true, overwrites the document with the same identifier.' + - description: When true, overwrites the document with the same identifier. in: query name: overwrite schema: @@ -12555,7 +12954,7 @@ paths: summary: Resolve import errors tags: - saved objects - '/api/saved_objects/{type}': + /api/saved_objects/{type}: post: deprecated: true description: Create a Kibana saved object with a randomly generated identifier. @@ -12563,7 +12962,7 @@ paths: parameters: - $ref: '#/components/parameters/Saved_objects_kbn_xsrf' - $ref: '#/components/parameters/Saved_objects_saved_object_type' - - description: 'If true, overwrites the document with the same identifier.' + - description: If true, overwrites the document with the same identifier. in: query name: overwrite schema: @@ -12599,7 +12998,7 @@ paths: summary: Create a saved object tags: - saved objects - '/api/saved_objects/{type}/{id}': + /api/saved_objects/{type}/{id}: get: deprecated: true description: Retrieve a single Kibana saved object by identifier. @@ -12633,7 +13032,7 @@ paths: - $ref: '#/components/parameters/Saved_objects_kbn_xsrf' - $ref: '#/components/parameters/Saved_objects_saved_object_id' - $ref: '#/components/parameters/Saved_objects_saved_object_type' - - description: 'If true, overwrites the document with the same identifier.' + - description: If true, overwrites the document with the same identifier. in: query name: overwrite schema: @@ -12705,7 +13104,7 @@ paths: summary: Update a saved object tags: - saved objects - '/api/saved_objects/resolve/{type}/{id}': + /api/saved_objects/resolve/{type}/{id}: get: deprecated: true description: > @@ -12790,7 +13189,7 @@ paths: summary: Get Kibana's current status tags: - system - '/s/{spaceId}/api/observability/slos': + /s/{spaceId}/api/observability/slos: get: description: > You must have the `read` privileges for the **SLOs** feature in the @@ -12805,7 +13204,7 @@ paths: name: kqlQuery schema: type: string - - description: 'The page to use for pagination, must be greater or equal than 1' + - description: The page to use for pagination, must be greater or equal than 1 example: 1 in: query name: page @@ -12931,7 +13330,7 @@ paths: summary: Create an SLO tags: - slo - '/s/{spaceId}/api/observability/slos/_delete_instances': + /s/{spaceId}/api/observability/slos/_delete_instances: post: description: > The deletion occurs for the specified list of `sloId` and `instanceId`. @@ -12971,7 +13370,7 @@ paths: summary: Batch delete rollup and summary data tags: - slo - '/s/{spaceId}/api/observability/slos/{sloId}': + /s/{spaceId}/api/observability/slos/{sloId}: delete: description: > You must have the `write` privileges for the **SLOs** feature in the @@ -13109,7 +13508,7 @@ paths: summary: Update an SLO tags: - slo - '/s/{spaceId}/api/observability/slos/{sloId}/_reset': + /s/{spaceId}/api/observability/slos/{sloId}/_reset: post: description: > You must have the `write` privileges for the **SLOs** feature in the @@ -13153,7 +13552,7 @@ paths: summary: Reset an SLO tags: - slo - '/s/{spaceId}/api/observability/slos/{sloId}/disable': + /s/{spaceId}/api/observability/slos/{sloId}/disable: post: description: > You must have the `write` privileges for the **SLOs** feature in the @@ -13193,7 +13592,7 @@ paths: summary: Disable an SLO tags: - slo - '/s/{spaceId}/api/observability/slos/{sloId}/enable': + /s/{spaceId}/api/observability/slos/{sloId}/enable: post: description: > You must have the `write` privileges for the **SLOs** feature in the @@ -13740,7 +14139,7 @@ components: value: - actionTypeId: .jira config: - apiUrl: 'https://elastic.atlassian.net/' + apiUrl: https://elastic.atlassian.net/ projectKey: ES id: 61787f53-4eee-4741-8df6-8fe84fa616f7 isDeprecated: false @@ -14013,7 +14412,7 @@ components: connector_name: My connector external_id: '71926' external_title: ES-554 - external_url: 'https://cases.jira.com' + external_url: https://cases.jira.com pushed_at: '2022-07-29T01:20:58.436Z' pushed_by: email: null @@ -14083,7 +14482,7 @@ components: type: .jira created_at: '2024-07-01T17:07:17.767Z' created_by: - email: 'null,' + email: null, full_name: null profile_uid: u_mGBROF_q5bmFCATbLXAcCwKa0k8JvONAwSruelyKA5E_0 username: elastic @@ -14200,7 +14599,7 @@ components: username: elastic version: WzI2LDNd Cases_update_case_request: - summary: 'Update the case description, tags, and connector.' + summary: Update the case description, tags, and connector. value: cases: - connector: @@ -14263,7 +14662,7 @@ components: connector_name: Jira external_id: '10003' external_title: IS-4 - external_url: 'https://hms.atlassian.net/browse/IS-4' + external_url: https://hms.atlassian.net/browse/IS-4 pushed_at: '2023-10-13T09:20:40.672Z' pushed_by: email: null @@ -14371,7 +14770,7 @@ components: runtimeFieldMap: runtime_shape_name: script: - source: 'emit(doc[''shape_name''].value)' + source: emit(doc['shape_name'].value) type: keyword title: logstash-* Data_views_create_runtime_field_request: @@ -14380,7 +14779,7 @@ components: name: runtimeFoo runtimeField: script: - source: 'emit(doc["foo"].value)' + source: emit(doc["foo"].value) type: long Data_views_get_data_view_response: summary: >- @@ -14402,35 +14801,35 @@ components: products.base_price: id: number params: - pattern: '$0,0.00' + pattern: $0,0.00 products.base_unit_price: id: number params: - pattern: '$0,0.00' + pattern: $0,0.00 products.min_price: id: number params: - pattern: '$0,0.00' + pattern: $0,0.00 products.price: id: number params: - pattern: '$0,0.00' + pattern: $0,0.00 products.taxful_price: id: number params: - pattern: '$0,0.00' + pattern: $0,0.00 products.taxless_price: id: number params: - pattern: '$0,0.00' + pattern: $0,0.00 taxful_total_price: id: number params: - pattern: '$0,0.[00]' + pattern: $0,0.[00] taxless_total_price: id: number params: - pattern: '$0,0.00' + pattern: $0,0.00 fields: _id: aggregatable: false @@ -14906,7 +15305,7 @@ components: format: id: number params: - pattern: '$0,0.00' + pattern: $0,0.00 isMapped: true name: products.base_price readFromDocValues: true @@ -14922,7 +15321,7 @@ components: format: id: number params: - pattern: '$0,0.00' + pattern: $0,0.00 isMapped: true name: products.base_unit_price readFromDocValues: true @@ -15042,7 +15441,7 @@ components: format: id: number params: - pattern: '$0,0.00' + pattern: $0,0.00 isMapped: true name: products.min_price readFromDocValues: true @@ -15058,7 +15457,7 @@ components: format: id: number params: - pattern: '$0,0.00' + pattern: $0,0.00 isMapped: true name: products.price readFromDocValues: true @@ -15161,7 +15560,7 @@ components: format: id: number params: - pattern: '$0,0.00' + pattern: $0,0.00 isMapped: true name: products.taxful_price readFromDocValues: true @@ -15177,7 +15576,7 @@ components: format: id: number params: - pattern: '$0,0.00' + pattern: $0,0.00 isMapped: true name: products.taxless_price readFromDocValues: true @@ -15221,7 +15620,7 @@ components: format: id: number params: - pattern: '$0,0.[00]' + pattern: $0,0.[00] isMapped: true name: taxful_total_price readFromDocValues: true @@ -15237,7 +15636,7 @@ components: format: id: number params: - pattern: '$0,0.00' + pattern: $0,0.00 isMapped: true name: taxless_total_price readFromDocValues: true @@ -15348,7 +15747,7 @@ components: AvgTicketPrice: id: number params: - pattern: '$0,0.[00]' + pattern: $0,0.[00] hour_of_day: id: number params: @@ -15416,7 +15815,7 @@ components: format: id: number params: - pattern: '$0,0.[00]' + pattern: $0,0.[00] isMapped: true name: AvgTicketPrice readFromDocValues: true @@ -15691,7 +16090,7 @@ components: readFromDocValues: false runtimeField: script: - source: 'emit(doc[''timestamp''].value.getHour());' + source: emit(doc['timestamp'].value.getHour()); type: long scripted: false searchable: true @@ -15816,7 +16215,7 @@ components: runtimeFieldMap: hour_of_day: script: - source: 'emit(doc[''timestamp''].value.getHour());' + source: emit(doc['timestamp'].value.getHour()); type: long sourceFilters: [] timeFieldName: timestamp @@ -15831,7 +16230,7 @@ components: readFromDocValues: false runtimeField: script: - source: 'emit(doc[''timestamp''].value.getHour());' + source: emit(doc['timestamp'].value.getHour()); type: long scripted: false searchable: true @@ -15879,7 +16278,7 @@ components: value: runtimeField: script: - source: 'emit(doc["bar"].value)' + source: emit(doc["bar"].value) Machine_learning_APIs_mlSyncExample: summary: Two anomaly detection jobs required synchronization in this example. value: @@ -16377,7 +16776,7 @@ components: - desc type: string Fleet_with_metrics: - description: 'Return agent metrics, false by default' + description: Return agent metrics, false by default in: query name: withMetrics required: false @@ -17235,7 +17634,7 @@ components: nullable: true type: string parent: - description: 'The key of the parent issue, when the issue type is sub-task.' + description: The key of the parent issue, when the issue type is sub-task. nullable: true type: string priority: @@ -18887,7 +19286,7 @@ components: - fromId - toId Data_views_timefieldname: - description: 'The timestamp field name, which you use for time-based data views.' + description: The timestamp field name, which you use for time-based data views. type: string Data_views_title: description: >- @@ -18895,7 +19294,7 @@ components: to search. Supports wildcards (`*`). type: string Data_views_type: - description: 'When set to `rollup`, identifies the rollup data views.' + description: When set to `rollup`, identifies the rollup data views. type: string Data_views_typemeta: description: >- @@ -19194,6 +19593,25 @@ components: collection will be disabled nullable: true type: boolean + monitoring_diagnostics: + type: object + properties: + limit: + type: object + properties: + burst: + type: number + interval: + type: string + uploader: + type: object + properties: + init_dur: + type: string + max_dur: + type: string + max_retries: + type: number monitoring_enabled: items: enum: @@ -19201,9 +19619,22 @@ components: - logs type: string type: array + monitoring_http: + type: object + properties: + enabled: + type: boolean + host: + type: string + port: + type: number + required: + - enabled monitoring_output_id: nullable: true type: string + monitoring_pprof_enabled: + type: boolean name: type: string namespace: @@ -19422,14 +19853,14 @@ components: properties: agents: oneOf: - - description: 'KQL query string, leave empty to action all agents' + - description: KQL query string, leave empty to action all agents type: string - description: list of agent IDs items: type: string type: array force: - description: 'Force upgrade, skipping validation (should be used with caution)' + description: Force upgrade, skipping validation (should be used with caution) type: boolean rollout_duration_seconds: description: rolling upgrade window duration in seconds @@ -19675,6 +20106,63 @@ components: type: string inputs: type: string + monitoring: + type: object + properties: + diagnostics: + type: object + properties: + limit: + type: object + properties: + burst: + type: number + interval: + type: string + uploader: + type: object + properties: + init_dur: + type: string + max_dur: + type: string + max_retries: + type: number + enabled: + type: boolean + http: + type: object + properties: + enabled: + type: boolean + host: + type: string + port: + type: number + required: + - enabled + logs: + type: boolean + metrics: + type: boolean + namespace: + type: string + pprof: + type: object + properties: + enabled: + type: boolean + required: + - enabled + traces: + type: boolean + use_output: + type: string + required: + - enabled + - metrics + - logs + - traces output_permissions: additionalProperties: type: object @@ -20984,14 +21472,14 @@ components: type: object properties: enabled: - description: 'enable or disable that input, (default to true)' + description: enable or disable that input, (default to true) type: boolean streams: additionalProperties: type: object properties: enabled: - description: 'enable or disable that stream, (default to true)' + description: enable or disable that stream, (default to true) type: boolean vars: description: >- @@ -21200,7 +21688,7 @@ components: type: object properties: force: - description: 'Force upgrade, skipping validation (should be used with caution)' + description: Force upgrade, skipping validation (should be used with caution) type: boolean skipRateLimitCheck: description: Skip rate limit check for upgrade @@ -21606,7 +22094,7 @@ components: additionalProperties: $ref: >- #/components/schemas/Machine_learning_APIs_mlSyncResponseTrainedModels - description: 'If saved objects are missing for trained models, they are created.' + description: If saved objects are missing for trained models, they are created. type: object title: Sync API response for created saved objects type: object @@ -21761,7 +22249,7 @@ components: example: Not Found type: string message: - example: 'SLO [3749f390-03a3-11ee-8139-c7ff60a1692d] not found' + example: SLO [3749f390-03a3-11ee-8139-c7ff60a1692d] not found type: string statusCode: example: 404 @@ -21778,7 +22266,7 @@ components: example: Conflict type: string message: - example: 'SLO [d077e940-1515-11ee-9c50-9d096392f520] already exists' + example: SLO [d077e940-1515-11ee-9c50-9d096392f520] already exists type: string statusCode: example: 409 @@ -21887,11 +22375,11 @@ components: type: object properties: consumed: - description: 'The error budget consummed, as a percentage of the initial value.' + description: The error budget consummed, as a percentage of the initial value. example: 0.8 type: number initial: - description: 'The initial error budget, as 1 - objective' + description: The initial error budget, as 1 - objective example: 0.02 type: number isEstimated: @@ -21901,7 +22389,7 @@ components: example: true type: boolean remaining: - description: 'The error budget remaining, as a percentage of the initial value.' + description: The error budget remaining, as a percentage of the initial value. example: 0.2 type: number required: @@ -21986,7 +22474,7 @@ components: type: string index: description: The index used by APM metrics - example: 'metrics-apm*,apm*' + example: metrics-apm*,apm* type: string service: description: The APM service name @@ -22033,7 +22521,7 @@ components: type: string index: description: The index used by APM metrics - example: 'metrics-apm*,apm*' + example: metrics-apm*,apm* type: string service: description: The APM service name @@ -22167,7 +22655,7 @@ components: name: description: The name of the metric. Only valid options are A-Z example: A - pattern: '^[A-Z]$' + pattern: ^[A-Z]$ type: string required: - name @@ -22221,7 +22709,7 @@ components: name: description: The name of the metric. Only valid options are A-Z example: A - pattern: '^[A-Z]$' + pattern: ^[A-Z]$ type: string required: - name @@ -22523,7 +23011,7 @@ components: properties: frequency: default: 1m - description: 'Configure how often the transform runs, default 1m' + description: Configure how often the transform runs, default 1m example: 5m type: string preventInitialBackfill: @@ -22668,7 +23156,7 @@ components: - $ref: '#/components/schemas/SLOs_indicator_properties_histogram' - $ref: '#/components/schemas/SLOs_indicator_properties_timeslice_metric' instanceId: - description: 'the value derived from the groupBy field, if present, otherwise ''*''' + description: the value derived from the groupBy field, if present, otherwise '*' example: host-abcde type: string name: @@ -22793,7 +23281,7 @@ components: name: description: The name of the metric. Only valid options are A-Z example: A - pattern: '^[A-Z]$' + pattern: ^[A-Z]$ type: string required: - name @@ -22816,7 +23304,7 @@ components: name: description: The name of the metric. Only valid options are A-Z example: A - pattern: '^[A-Z]$' + pattern: ^[A-Z]$ type: string required: - name @@ -22844,7 +23332,7 @@ components: name: description: The name of the metric. Only valid options are A-Z example: A - pattern: '^[A-Z]$' + pattern: ^[A-Z]$ type: string percentile: description: The percentile value. @@ -22965,6 +23453,6 @@ tags: permanently breaks future Kibana versions. name: saved objects x-displayName: Saved objects - - description: 'SLO APIs enable you to define, manage and track service-level objectives' + - description: SLO APIs enable you to define, manage and track service-level objectives name: slo - name: system diff --git a/package.json b/package.json index 33fd113603e7a..ea24d9016a81c 100644 --- a/package.json +++ b/package.json @@ -421,6 +421,7 @@ "@kbn/data-search-plugin": "link:test/plugin_functional/plugins/data_search", "@kbn/data-service": "link:packages/kbn-data-service", "@kbn/data-stream-adapter": "link:packages/kbn-data-stream-adapter", + "@kbn/data-usage-plugin": "link:x-pack/plugins/data_usage", "@kbn/data-view-editor-plugin": "link:src/plugins/data_view_editor", "@kbn/data-view-field-editor-example-plugin": "link:examples/data_view_field_editor_example", "@kbn/data-view-field-editor-plugin": "link:src/plugins/data_view_field_editor", @@ -482,6 +483,7 @@ "@kbn/esql-ast": "link:packages/kbn-esql-ast", "@kbn/esql-ast-inspector-plugin": "link:examples/esql_ast_inspector", "@kbn/esql-datagrid": "link:src/plugins/esql_datagrid", + "@kbn/esql-editor": "link:packages/kbn-esql-editor", "@kbn/esql-utils": "link:packages/kbn-esql-utils", "@kbn/esql-validation-autocomplete": "link:packages/kbn-esql-validation-autocomplete", "@kbn/esql-validation-example-plugin": "link:examples/esql_validation_example", @@ -592,7 +594,7 @@ "@kbn/kibana-utils-plugin": "link:src/plugins/kibana_utils", "@kbn/kubernetes-security-plugin": "link:x-pack/plugins/kubernetes_security", "@kbn/langchain": "link:x-pack/packages/kbn-langchain", - "@kbn/language-documentation-popover": "link:packages/kbn-language-documentation-popover", + "@kbn/language-documentation": "link:packages/kbn-language-documentation", "@kbn/lens-config-builder-example-plugin": "link:x-pack/examples/lens_config_builder_example", "@kbn/lens-embeddable-utils": "link:packages/kbn-lens-embeddable-utils", "@kbn/lens-formula-docs": "link:packages/kbn-lens-formula-docs", @@ -918,7 +920,6 @@ "@kbn/telemetry-test-plugin": "link:test/plugin_functional/plugins/telemetry", "@kbn/test-feature-usage-plugin": "link:x-pack/test/licensing_plugin/plugins/test_feature_usage", "@kbn/testing-embedded-lens-plugin": "link:x-pack/examples/testing_embedded_lens", - "@kbn/text-based-editor": "link:packages/kbn-text-based-editor", "@kbn/third-party-lens-navigation-prompt-plugin": "link:x-pack/examples/third_party_lens_navigation_prompt", "@kbn/third-party-vis-lens-example-plugin": "link:x-pack/examples/third_party_vis_lens_example", "@kbn/threat-intelligence-plugin": "link:x-pack/plugins/threat_intelligence", @@ -1130,7 +1131,7 @@ "jquery": "^3.5.0", "js-search": "^1.4.3", "js-sha256": "^0.9.0", - "js-yaml": "^3.14.1", + "js-yaml": "^4.1.0", "json-schema-to-ts": "^2.9.1", "json-stable-stringify": "^1.0.1", "json-stringify-pretty-compact": "1.2.0", @@ -1241,7 +1242,7 @@ "source-map-support": "^0.5.19", "stats-lite": "^2.2.0", "strip-ansi": "^6.0.0", - "styled-components": "^5.1.0", + "styled-components": "^5.3.11", "suricata-sid-db": "^1.0.2", "swr": "^2.2.5", "symbol-observable": "^1.2.0", @@ -1560,7 +1561,7 @@ "@types/jest": "^29.5.3", "@types/jquery": "^3.3.31", "@types/js-search": "^1.4.0", - "@types/js-yaml": "^3.11.1", + "@types/js-yaml": "^4.0.9", "@types/jsdom": "^20.0.1", "@types/json-schema": "^7", "@types/json-stable-stringify": "^1.0.32", diff --git a/packages/cloud/connection_details/kibana/kibana_connection_details_provider.tsx b/packages/cloud/connection_details/kibana/kibana_connection_details_provider.tsx index 444ff70ff9128..d400f67993f8a 100644 --- a/packages/cloud/connection_details/kibana/kibana_connection_details_provider.tsx +++ b/packages/cloud/connection_details/kibana/kibana_connection_details_provider.tsx @@ -21,6 +21,7 @@ const createOpts = async (props: KibanaConnectionDetailsProviderProps) => { const { http, docLinks, analytics } = start.core; const locator = start.plugins?.share?.url?.locators.get('MANAGEMENT_APP_LOCATOR'); const manageKeysLink = await locator?.getUrl({ sectionId: 'security', appId: 'api_keys' }); + const elasticsearchConfig = await start.plugins?.cloud?.fetchElasticsearchConfig(); const result: ConnectionDetailsOpts = { ...options, navigateToUrl: start.core.application @@ -35,7 +36,7 @@ const createOpts = async (props: KibanaConnectionDetailsProviderProps) => { }, endpoints: { id: start.plugins?.cloud?.cloudId, - url: start.plugins?.cloud?.elasticsearchUrl, + url: elasticsearchConfig?.elasticsearchUrl, cloudIdLearMoreLink: docLinks?.links?.cloud?.beatsAndLogstashConfiguration, ...options?.endpoints, }, diff --git a/packages/cloud/deployment_details/services.tsx b/packages/cloud/deployment_details/services.tsx index d3ca0a340b600..73959627e98e6 100644 --- a/packages/cloud/deployment_details/services.tsx +++ b/packages/cloud/deployment_details/services.tsx @@ -6,8 +6,7 @@ * your election, the "Elastic License 2.0", the "GNU Affero General Public * License v3.0 only", or the "Server Side Public License, v 1". */ - -import React, { FC, PropsWithChildren, useContext } from 'react'; +import React, { FC, PropsWithChildren, useContext, useEffect } from 'react'; export interface DeploymentDetailsContextValue { cloudId?: string; @@ -58,7 +57,7 @@ export interface DeploymentDetailsKibanaDependencies { cloud: { isCloudEnabled: boolean; cloudId?: string; - elasticsearchUrl?: string; + fetchElasticsearchConfig: () => Promise<{ elasticsearchUrl?: string }>; }; /** DocLinksStart contract */ docLinks: { @@ -79,11 +78,19 @@ export interface DeploymentDetailsKibanaDependencies { export const DeploymentDetailsKibanaProvider: FC< PropsWithChildren > = ({ children, ...services }) => { + const [elasticsearchUrl, setElasticsearchUrl] = React.useState(''); + + useEffect(() => { + services.cloud.fetchElasticsearchConfig().then((config) => { + setElasticsearchUrl(config.elasticsearchUrl || ''); + }); + }, [services.cloud]); + const { core: { application: { navigateToUrl }, }, - cloud: { isCloudEnabled, cloudId, elasticsearchUrl }, + cloud: { isCloudEnabled, cloudId }, share: { url: { locators }, }, diff --git a/packages/content-management/content_insights/content_insights_public/src/components/views_stats/views_stats.tsx b/packages/content-management/content_insights/content_insights_public/src/components/views_stats/views_stats.tsx index 6bf97b47dfc9f..59e548e401490 100644 --- a/packages/content-management/content_insights/content_insights_public/src/components/views_stats/views_stats.tsx +++ b/packages/content-management/content_insights/content_insights_public/src/components/views_stats/views_stats.tsx @@ -86,7 +86,7 @@ const NoViewsTip = () => ( content={ } /> diff --git a/packages/content-management/user_profiles/src/components/user_missing_tip.tsx b/packages/content-management/user_profiles/src/components/user_missing_tip.tsx index 0f4b24591320b..602e9cc228975 100644 --- a/packages/content-management/user_profiles/src/components/user_missing_tip.tsx +++ b/packages/content-management/user_profiles/src/components/user_missing_tip.tsx @@ -16,7 +16,7 @@ export const NoCreatorTip = (props: { iconType?: IconType }) => ( content={ } {...props} @@ -28,7 +28,7 @@ export const NoUpdaterTip = (props: { iconType?: string }) => ( content={ } {...props} diff --git a/packages/core/chrome/core-chrome-browser-internal/src/chrome_service.tsx b/packages/core/chrome/core-chrome-browser-internal/src/chrome_service.tsx index 4605dd02fd229..dd39fa0287f27 100644 --- a/packages/core/chrome/core-chrome-browser-internal/src/chrome_service.tsx +++ b/packages/core/chrome/core-chrome-browser-internal/src/chrome_service.tsx @@ -422,6 +422,7 @@ export class ChromeService { return (