Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

[EDR Workflows] Correct bugs in Execute action API docs #4236

Merged
merged 6 commits into from
Jan 23, 2024
Merged

[EDR Workflows] Correct bugs in Execute action API docs #4236

Changes from all commits
Commits
Show all changes
6 commits
Select commit Hold shift + click to select a range
8a933a0
[EDR Workflows] Correct bugs in Execute action API docs
kevinlog Nov 10, 2023
64a4b50
Update docs/management/api/execute-api.asciidoc
natasha-moore-elastic Jan 23, 2024
60b7301
Update docs/management/api/execute-api.asciidoc
natasha-moore-elastic Jan 23, 2024
e6f0956
Update docs/management/api/execute-api.asciidoc
natasha-moore-elastic Jan 23, 2024
72365c2
Applies review feedback
natasha-moore-elastic Jan 23, 2024
1de97bd
Merge branch 'main' into task/correct-errors-execute-action
natasha-moore-elastic Jan 23, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
9 changes: 5 additions & 4 deletions docs/management/api/execute-api.asciidoc
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -22,13 +22,14 @@ A JSON object with these fields:
|`case_ids` |Array (String) |The IDs of cases where the action taken will be logged. |No
|`comment` |String |Attach a comment to this action's log. The comment text will appear in associated cases. |No
|`parameters.command` |String |A shell command to run on the host. The command must be supported by `bash` for Linux and macOS hosts, and `cmd.exe` for Windows. |Yes
|`parameters.timeout` |String |How long the host should wait for the command to complete. Use `h` for hours, `m` for minutes, `s` for seconds (for example, `2s` is two seconds). If no timeout is specified, it defaults to four hours. |No
|`parameters.timeout` |Integer |The duration, in seconds, that the host waits for the command to complete. If no timeout is specified, it defaults to four hours. |No
|==============================================

NOTE: The `execute` action uploads a text file containing the results of the execution on the endpoint, which is rate-limited. If you are using the `endpoint_ids` field to task multiple endpoints, you should batch your calls in groups of 10 at a time.

===== Example requests

Runs the command `ls -al` on a host with an `endpoint_id` value of `ed518850-681a-4d60-bb98-e22640cae2a8` with a timeout of `5m` and comments `Get list of all files`:
Runs the command `ls -al` on a host with an `endpoint_id` value of `ed518850-681a-4d60-bb98-e22640cae2a8` with a timeout of `600` seconds and comments `Get list of all files`:

[source,sh]
--------------------------------------------------
Expand All @@ -37,7 +38,7 @@ POST /api/endpoint/action/execute
"endpoint_ids": ["ed518850-681a-4d60-bb98-e22640cae2a8"],
"parameters": {
"command": "ls -al",
"timeout": "5m"
"timeout": 600
},
"comment": "Get list of all files"
}
Expand Down Expand Up @@ -88,7 +89,7 @@ A JSON object with the details of the response action created.
"comment": "Get list of all files",
"parameters": {
"command": "ls -al",
"timeout": 300
"timeout": 600
}
}
}
Expand Down